Readme File

Network Event Viewer 2008

Mon, 17 Aug 2009 08:30:23 MDT

Copyright (c) 2002-2009 Corner Bowl Software Corporation.
All Rights Reserved.

This document provides late-breaking or other information that supplements
the software documentation.


---------------------------------------------------------------------------
Build Notes
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Build 8.0.0.77 - Mon, 17 Aug 2009 08:11:11 MDT
---------------------------------------------------------------------------
In previous builds the Syslog Configuration Wizard did not display the
maximum consolidation log file size value when modified by the user.  This
bug has been fixed.

In previous builds the filters combo box was enabled when viewing a
frequency detection report even through changing the filter did nothing.
The combo box is now disabled when viewing a frequency detection report.

In previous builds when converting a simple filter to a complex filter the
description was now included in the conversion.


---------------------------------------------------------------------------
Build 8.0.0.76 - Mon, 18 May 2009 03:02:21 MDT
---------------------------------------------------------------------------
In previous builds the service was incorrectly reading and writing the SQL
Server Windows Authentication Mode flag to the hkey_current_user registry
key.  The service now reads the hkey_local_machine registry key.

In previous builds the service was reading the hkey_current_user when
choosing to display log names using color while firing email alerts.  If
the service account did not have access to the current user registry the
service would error when firing these alerts.  If this error is thrown, the
service now defaults to show the logs using color and continues without
incident.


---------------------------------------------------------------------------
Build 8.0.0.75 - Tue, 05 May 2009 04:44:33 MDT
---------------------------------------------------------------------------
When impersonating to Windows 2000 computers users may have received an
invalid logon failure.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.74 - Mon, 06 Apr 2009 10:23:38 MDT
---------------------------------------------------------------------------
In previous builds the logical group assignment did not work when
configuring a single computer.  This bug has been resolved.

We upgraded the 3rd party toolbar, docking bar, and menu bar controls to
the vendors latest version.


---------------------------------------------------------------------------
Build 8.0.0.73 - Tue, 03 Feb 2009 03:49:38 MST
---------------------------------------------------------------------------
In previous builds when tabbing through the Logical Group combo-box within
the Configuration Wizards the logical groups were removed.  This bug has
been resolved.

In previous builds users could get an error when closing the Event Log
Configuration Wizard stating the syslog monitor did not have a filter or
action installed.  This bug has been resolved.


---------------------------------------------------------------------------
Build 8.0.0.72 - Mon, 02 Feb 2009 02:04:41 MST
---------------------------------------------------------------------------
In previous builds the Windows authentication mode option was not loaded
even though set causing a login failure when attempting to read data from
the database.  This bug has been resolved.


---------------------------------------------------------------------------
Build 8.0.0.71 - Mon, 12 Jan 2009 04:02:00 MST
---------------------------------------------------------------------------
In previous builds the export to HTML did not enable users to include the
user entered notes to the output.  Users can now add the {NOTES} tag to the
HTML output enabling the user entered notes to be included in the output.


---------------------------------------------------------------------------
Build 8.0.0.70 - Fri, 19 Dec 2008 12:10:48 MST
---------------------------------------------------------------------------
When consolidating logs to the file system and creating a report to
auxiliary data source logs, the available log files did not display within
the Report Wizard.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.69 - Fri, 12 Dec 2008 03:26:43 MST
---------------------------------------------------------------------------
In previous builds users were able to show the password used to access
remote logs from within the Configuration Wizard.  The button has now been
removed.

The syslog server now includes support for consolidation filters.  To set
a consolidation filter, select the computer or device of interest, select
Syslog Configuration Wizard from the File menu item.  From the Options tab
specify the consolidation filter.  The Syslog Wizard also had the incorrect
title on the Actions tab.  Lastly, the Syslog Wizard allowed the user to
assign an action filter without applying an action.  These bugs have been
fixed.


---------------------------------------------------------------------------
Build 8.0.0.67 - Thu, 04 Dec 2008 03:54:42 MST
---------------------------------------------------------------------------
In previous builds the user interface always tailed the service log file
which if left open locked the file from being truncated by the service.  If
the user closes the Service Output window now, the user interface shuts
down the tail enabling the service to truncate the log.

In previous builds if the auto refresh was turned on and the applied
filter did not allow any entries to display a message box would display
ever time the auto refresh ran.  Unlimitedly 100s of message box would
stack on top each other.  The message no longer displays.


---------------------------------------------------------------------------
Build 8.0.0.66 - Mon, 01 Dec 2008 10:47:36 MST
---------------------------------------------------------------------------
In previous builds the truncate now function found within the Options
dialog did not apply the latest user specified rules prior to running the
truncate function.  This bug has been fixed.

In previous builds the truncate database table function incorrectly logged
the number of entries removed from the primary table. This bug has been
fixed.

In previous builds when removing the maximum downloaded log size
restriction (files system only) the maximum size value would still apply if
the user changed the value even when the check box was de-selected.  This
bug has been fixed.

In some cases a report would fail to execute or properties open.  This
error should have only been seen when a previous major version was
installed prior to installing the latest version.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.64 - Thu, 20 Nov 2008 01:18:27 MST
---------------------------------------------------------------------------
In previous builds a SQL syntax error was thrown when using MySQL, the
archive option was enabled and the computer name contained a dash within
the name.  The SQL syntax neglected to wrap the table name with single
quotes.  This bug has been resolved.

The Print Current Page function has been modified to allow users the
option to override the HTML template.  We also added the Print Current Page
command to the detail view’s popup menu.

The Save Current Page function has been modified to allow users the option
to override the HTML template when exporting to HTML.

Numerous UI enhancements were made to the Save As and Email Selected
Logs/Current View dialogs.

We have added a tutorial that teaches users how to print a date range of
entries from the event log repository.

In previous builds on Windows Vista and Server 2008 when exporting logs
users were unable to browse the local disk.  This bug has been fixed.

When scheduling a report that outputs to a file, users now have the option
to backup the previous report prior to running the report.

When scheduling a report that outputs to a database table, users now have
the option to clear the table prior to running the report.

When scheduling a frequency detection report that outputs to a database
table or downloading a log that has a frequency detection database table
action assigned, the table now includes a column to store the count of
messages detected within the time range.  If the table was created prior to
this build, the table is altered to include the count column.  Current
records are defaulted to null.

In previous builds when firing a message box or tray icon popup alert on
behalf of a download that fires actions based on frequency detection rules,
the count of entries received that matched the filter criteria was not
displayed.  This limitation has been resolved.


---------------------------------------------------------------------------
Build 8.0.0.61 - Fri, 14 Nov 2008 09:41:35 MST
---------------------------------------------------------------------------
In previous builds users could not easily specify the logical operand
(AND/OR) to apply to new complex filter criteria groups.  This bug has been
fixed.

In previous builds a non-fatal error was thrown when running a logon
failure report when the user only configured an account logon report or the
user only configured a logon report but not both.  This bug has been fixed.

The selection behavior has been altered when viewing the Configured
Computers or Downloaded Logs views and selecting the Syslog Configuration
Wizard.  If a syslog node is selected, the wizard opens with the computer
or device the syslog node belongs too.  If other nodes are checked, but the
currently selected node is not, the checked nodes are not included within
the wizard.

The tab order within the Create New Filter dialog was incorrect.  This bug
has been fixed.

Per a user’s request fading popup menu items is now a user settable
option.  To disable the fading popup menu items select Options from the
Tools menu item.  Select the Display tab.  Select None from the ‘Popup
animation’ check box.

When searching for entries on Windows Vista it was difficult to see the
entry that was found.  The list view focused color has been alerted to use
a lighter shade of the highlighted color.

In previous builds the tray icon had a one minute delay built in as a work
around for a startup issue rarely seen on Windows Vista.  We believe we
have resolved the issue and have therefore removed the startup delay.

In previous builds the installation did not automatically install the
platform dependent .Net 2.0 Framework on I64 and X64 computers that did not
already have the prerequisite installed.  The installation has been
modified to, if necessary, download the prerequisites from Microsoft and
install them.


---------------------------------------------------------------------------
Build 8.0.0.58 - Sun, 09 Nov 2008 01:24:43 MST
---------------------------------------------------------------------------
In previous builds when switching between displayed log views, the
message, data, and notes windows did not update properly.  This bug has
been resolved.

We have added an option to the Options dialog to hide the newly displaying
filter prompt dialog when viewing an event log.

From any of the detail list views, pressing Ctrl-A now selects all items.

Several UI enhancements were made to reduce drawing flicker and more
appropriately update the mouse cursor.


---------------------------------------------------------------------------
Build 8.0.0.57 - Wed, 05 Nov 2008 09:48:26 MST
---------------------------------------------------------------------------
Users can now create failed logon reports on-demand or per a configured
schedule.

In previous builds when pressing the left arrow while viewing a sub-group
within a log view an object reference error was thrown.  This bug has been
fixed.

Users can now manually specify a device’s IP address from within the
Syslog Configuration Wizard.

Users can now map computers from within the Configuration Wizard.

Users can now display the Active Directory Auto Configurator via a menu
item under the Tools menu item.

Users can now create, modify and delete filters from the Consolidation tab
within the Configuration Wizard.

Fixed a potential temporary file leak when sending HTML formatted emails.

In recent builds the configuration template save and load buttons were not
visible until after the user resized the Configuration Wizard dialog.  The
buttons have been moved to a location that is visible when the dialog is at
its minimum allowed or default size.


---------------------------------------------------------------------------
Build 8.0.0.55 - Thu, 23 Oct 2008 01:15:12 MDT
---------------------------------------------------------------------------
When rebooting a Server 2003 machine, the service would fail to start when
the service was configured to forward internal messages to a syslog server.
The failure occurs when the Windows Management Instrumentation (WMI)
service has not yet started.  The installation has been updated to install
the service with a dependency on WMI.  If the software was previously
installed, you must uninstall and then re-install for this change to take
effect.

Added help to the search dialog and simple filter criteria dialog for
event ID and/or/range rules.

In previous builds an object reference error was through when a real-time
monitor was configured to send a HTML formatted email message in response
to no entries being received that passed the assigned filter within a time
period.


---------------------------------------------------------------------------
Build 8.0.0.54 - Wed, 15 Oct 2008 01:15:19 MDT
---------------------------------------------------------------------------
In previous builds many users created email notifications and reports that
applied very broad filter criteria causing huge emails to be sent.  In many
cases the emails were so large the email function failed due to a lack of
memory.  The email functions now limit the number of entries to 2000.
Please let us know if 2000 is too limiting and we will consider adding this
value as an option.

All scheduled routines can now be disabled on specific days of the week.


---------------------------------------------------------------------------
Build 8.0.0.53 - Sun, 28 Sep 2008 10:33:17 MDT
---------------------------------------------------------------------------
We have added an extensive tutorial that walks users through different
consolidation configurations and archive procedures.

In previous builds when loading an auxiliary data source the archive tree
nodes within the Downloaded Logs view did not display.  This bug has been
fixed.

In previous builds when a user added an auxiliary data source or changed
an already configured auxiliary data source, if the user did not click the
Apply button the Options dialog would close without prompting the user to
save the changes.  The Options dialog now prompts the user to save the
changes.

When sending HTML emails and exporting to HTML, the event type and log
name now colored.  Information is blue, warning is orange, error is red,
success audit is green, failure audit is red, application log is dark
green, system log is dark blue, and security log is dark red.

In previous builds frequency detection reports only allowed users to see
entries that occurred more than once within the time period.  This was a
problem when, for example, the administrator wanted to see the total count
of a particular entry per day.  If the entry only appeared once, the
frequency detection report did not include the entry within the report.
The Report Wizard has been modified to allow users to specify more than 0
times per unit of time.  When 0 is specified any instance of the entry
causes the frequency detection report to display the entry.

The Filters dialog now allows users to copy a filter to a new filter.

In previous builds the toolbar and menu bar items did not properly enable
in a few very specific instances.  These bugs have been fixed.

We have added a tutorial that explains how to create a daily report that
contains a count of specific entries.  This tutorial shows, for example,
how a user can receive a daily email that lists the number of times a
service was started the previous day.

When exporting the current view to a file, users are now prompted to
automatically open the new file.

Users can now display downloaded log entries and log properties when right
clicking on a download log status item from within the System Status view.

Users can now create a view from a current merge.  Simply right click
within the detail view and select Save As View.

In previous builds when right clicking within the Downloaded Logs or
Reports and Views view on a tree node the popup menu item would flicker.
The popup menu item no longer flickers.

In previous builds when viewing event log entries via the Filter Action
Events (events that passed assigned filter criteria during a download) the
current event type filters and selected filter were applied (toolbar event
type toggles and filters combo box).  Network Event Viewer now sets all the
event type filters and clears the selected filter enabling all entries
selected within the checked Filter Action Events nodes to display as
expected.

In previous builds users would receive an object reference error when
attempting to download logs from a lower cased mapped computer within the
Network view.  This bug has been fixed.

The map computer dialog no longer allows users to see the assigned
password.


---------------------------------------------------------------------------
Build 8.0.0.50 - Tue, 23 Sep 2008 03:00:12 MDT
---------------------------------------------------------------------------
In previous builds when downloading event log entries all entries were
saved to the data repository.  Users can now apply a consolidation filter
that limits the saved entries to those that pass the assigned filter.  Use
the Configuration Wizard to apply a consolidation filter.  Please note,
while making changes to the Configuration Wizard some of the icons and
layout were modified.

The configuration templates did not save download filters and actions or
any of the real-time parameters.  The templates have been updated to save
these parameters.

The Active Directory Auto Configurator did not skip computers listed in
the exclusion list.  This bug has been fixed.

Users can create a new action based on a current action.  From the Actions
Manager select the action to base the new action on and then click Copy.

The action configuration dialogs have been moved from the application
library to our Corner Bowl Software common library enabling code reuse
between all our applications.  Please note there are several minor user
interface differences.

We have boosted the syslog forward action performance.  Previously the UDP
socket was recreated for every entry forwarded.  The UDP socket is now
cached.

When storing logs using MySQL there in some cases the archive function
threw an error causing the archive to fail.  This bug has been fixed.

The export to CSV had a bug in it that caused the log name to appear twice
which shifted the column content from the column headers.  This bug has
been fixed.

When sending email alerts in response to entries passing filter criteria
during a download the text emails (non-HTML) did not use the user
configured settings.  Instead a hard coded format was used.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 8.0.0.46 - Thu, 11 Sep 2008 11:59:20 MDT
---------------------------------------------------------------------------
Users can now quickly add an event to a filter with just a few clicks of
the mouse.  To add an entry to a filter, right click on an event log entry
and select Filter Selected Event.  Once the Filter Selected Event dialog is
loaded, specify if you want to show or hide the event in question.  Select
if you want to create a new filter or append the criteria to an existing
filter. If creating a new filter, specify if you want to create a simple or
complex filter.  Finally, choose if you want to create the filter and apply
the new filter to the current view, create the filter and review the
criteria within the Filters dialog, or create the filter without applying
the filter to the current view.

When creating simple filters users can now specify multiple event IDs by
separating each event ID with a comma.  A range can be specified by
separating the values with a dash.  For example, 100,200,300-400.

The email and HTML templates have been modified to include a footer that
includes the name and location the of software that generated the document.

In previous builds filter criteria time values were displayed in US locale
format.  All filter criteria time fields are now displayed in the current
locale.

In previous builds when importing a configuration to a system that uses a
different locale than the system that generated the configuration, the
filters did not import properly.  This bug has been fixed.

Users now have the capability to suppress alerts and actions.  Users
configure alert and action suppression via the Configuration Wizard or
Syslog Configuration Wizard.  Once configured, the service will assign an
alert flag to the real-time monitor upon an entry passing assigned filter
criteria.  Once the alert flag is set, filtered entries are ignored until
the flag is cleared.  The user can configure the alert flag to
automatically clear after a period of time, for example after an hour, or
the user can manually clear the flag via the user interface.  Once cleared
the next entry that passes the real-time monitor’s filter criteria will
fire.

Users can now specify to exclude weekends when scheduling downloads and
reports.

When creating new complex filter criteria, the user specified DateTime
control associated with time criteria would show the current date and time.
The behavior has been changed so the current date is shown but the time is
set to 12:00 AM.


---------------------------------------------------------------------------
Build 8.0.0.41 - Wed, 27 Aug 2008 03:22:08 MDT
---------------------------------------------------------------------------
Users can now configure the user interface to optionally hide the System
Status window at startup as well as automatically show the Syslog Viewer
window at startup.  To set these options select Options from the Tools menu
item.  Select the Display tab.  Use the Display tab on the Options dialog
to set these options.  The options are listed under the Startup section.

The Top Events tab within the Log Properties Dialog now creates a
graphical representation of the tabular output.  Note that events less than
5% of the total report results are grouped together.

When an empty top events query was returned from the Log Properties dialog
there was no indicator the query returned an empty result set.  A message
is now displayed.

The top events query did not properly execute the Last X Hours query.
This bug has been fixed.

The Log Properties had a bad link to the help file.  This bug has been
fixed.

A real-time monitor tutorial was added to the help file.

The SQL Server tutorial has been replaced with a new tutorial that targets
SQL Server 2005.

In previous builds the Filters toolbar combo box was not updated after
closing the Report and View Wizard.  If the user added a new filter or
removed an old filter the changes would not reflect in the Filters toolbar
combo box.  This bug has been fixed.

In rare cases when adding a computer to a report or view via the Report
and View Wizard the same computer name may have appeared once in lower case
and again in upper case.  This bug has been fixed.

When configuring a single computer within the Configuration Wizard, the
domain combo box had no effect on the login credentials.  This bug has been
fixed.

In previous builds when changing the event log repository type (for
example from file system to MySQL) the Mapped Computers tree node within
the Network View was permanently deleted from the view.  This bug has been
fixed.

The Configuration Wizard now enables users to select and de-select all the
logs displayed within the Logs tab.

In previous builds when adding a filter from within the Configuration
Wizard or Syslog Configuration Wizard new filters were not automatically
assigned and/or selected when the user clicked the Select button from
within the Filters dialog box.  The filter is now automatically assigned if
not already assigned.  Once assigned the filter is selected within the
assigned filters list box.

In previous builds When configuring multiple computers and checking or
un-checking a log from the logs list box, the wizard may not have prompted
the user to save their changes.  This bug has been fixed.

In previous builds when an invalid syslog packet was received the error
message written to the service log did not include the message received.
The behavior has been modified to include the data.  This modification will
help us identify alternate syslog message formats in use.

When using MySQL to consolidate logs, if the user interface initially
loaded with the Reports and Views navigation window item selected, and the
user opened the Reports and Views wizard, the wizard would attempt to
connect to SQL Server instead of MySQL when retrieving a list of available
logs.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.38 - Sat, 23 Aug 2008 11:16:33 MDT
---------------------------------------------------------------------------
Both the Output view and Service Output view did not display application
log entries when run on specific locales.  For example, when run on Italian
operating systems both the Output view and Service view would remain empty
thought out execution time.

From the Report and View Wizard, when browsing for the file to save a
report to or the HTML template to apply, the save as dialog did not
automatically navigate to the location of the current setting.  This bug
has been fixed.

When clicking the Restore Defaults button on the Actions tab of the Report
and View Wizard, the Email and HTML output template was not updated.  This
bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.37 - Fri, 08 Aug 2008 02:52:12 MDT
---------------------------------------------------------------------------
This build includes an email limiter or spam control.  To configure the
email limiter select Options from the Tools menu item.  From the Mail
Connection tab, enable the email limiter and specify the maximum number of
emails to fire and the period to apply the rules.

In previous builds Network Event Viewer did not support Unicode operating
systems when consolidating logs using the file system.  This limitation has
been resolved.  Please note when upgrading the Filter Action Events view
will be empty as the format of the file has changed.  This view will
automatically rebuild over time.

In previous builds all non-user interface actions were saved to a file
called ‘alerts7009’. This file is used by the tray icon to fire user
interface alerts. Non-user interface actions were previously added to this
file so we could someday add a user interface component that showed all
actions fired. Since this functionality already exists in the filter action
events log we decided to remove this functionality from the alerts file
possibly significantly decreasing the alerts file size which in turn
decreases the CPU foot print when the tray icon starts up.

Message box alerts can now be minimized enabling users to look at previous
alerts at any time.  A menu item has also been added to the tray icon popup
menu to enable users to re-open the message box alert dialog after it has
been closed.

Users can now start a process or a batch file when an entry passes filter
criteria.


---------------------------------------------------------------------------
Build 8.0.0.36 - Tue, 01 Jul 2008 09:54:58 MDT
---------------------------------------------------------------------------
When attempting to delete a configuration and the logical group is
checked, at least one computer under the logical group is not checked, and
at least one computer under the logical group is checked an error was
thrown.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.35 - Thu, 26 Jun 2008 10:31:12 MDT
---------------------------------------------------------------------------
The download algorithm sorts entries prior to committing them to the log
repository.  When downloading logs to a database and no filters are
assigned to the download configuration, there is no need to sort the
entries prior to committing them to the database.  In this scenario, the
algorithm has been modified to bypass the sort.  Users should now see
significant performance gains when downloading large logs to a database and
there are no download filters assigned.

In previous builds there was no way to assign a non-standard port to the
MySQL configuration.  Users can now specify the port to connect by
appending “:1234” to the end of the host name.

In previous builds the popup menu re-displayed after deleting a log from
the Downloaded Logs view.  The popup menu no longer re-displays.

When viewing the Filter Actions Events or Reports and Views tabs within
the Navigation window, users may have seen a cast error thrown when
attempting to open the Syslog Configuration Wizard.  This bug has been
fixed.

In prior builds the MySQL archive function might have failed throwing the
following error:  Duplicate entry ‘X’ for key 1.  This bug has been fixed.

In previous builds users would see an object reference error thrown when
attempting to delete a filter when a report was configured without any
filter specified.  This bug has been fixed.

When creating a standard report, users can now include <DATE> and <TIME>
tags within the filename.

In previous builds the View and Delete buttons on the File tab within the
Actions tab within the Report Wizard did nothing.  These bugs have been
fixed.


---------------------------------------------------------------------------
Build 8.0.0.27 - Mon, 09 Jun 2008 07:46:14 MDT
---------------------------------------------------------------------------
In previous builds if the system administrator turned off the application
service or the actual computer for a prolonged period of time, upon reboot
the service could over task the system while attempting to run overdue
scheduled tasks.  The service now re-calculates each overdue task using the
current time.  The end result is that the service is able to start without
over tasking the system.  Each task is pushed out to the next scheduled
time.

When scheduled a task, the schedule control always calculated the next
time to execute using the last time (if the task had previously executed).
If the current time minus the last time was longer than the schedule
interval, the current time was displayed and used to schedule the next time
the service should run the task.  The control has been updated to
re-calculate the next task execution time using the current time as the
last time.

In previous builds if the service was configured to forward internally
generated messages to a syslog server and the service was unable to bind a
client UDP port during startup, the service may have failed to start.  This
bug has been fixed.

The domain and logical group combo-boxes on the Configuration Wizard now
have auto-complete turned on.

In previous builds users could manually advance the tab position within
the Configuration Wizard and the Reports and Views Wizard by-passing some
of the tab page validation routines.  These bugs have been fixed.

Updated the dialog icon displayed in Reports and Views Wizard to match the
icon displayed within the Reports and Views tab within the Navigation
window.

When opening the Actions Manager for a CSV file export, the HTML template
control remained enabled.  The control is now properly disabled.

The items within the list controls on the Actions tab of the Configuration
Wizard and the Filters tab of the Report and View Wizard are now sorted
alphabetically.

In previous builds when downloading logs there was an option to limit
local memory utilization in favor of remote CPU load.  This option put the
entry sorting load onto the remote computer.  The new Windows 2008 and
Windows Vista operating systems return the event log entries in the reverse
order of Windows XP and 2000.  The new order is oldest to latest.  This
format would require NEV to download the entire log file every time and
then sort the entries in memory anyway negating the memory performance
enhancements previously gained.  This option is no longer available.


---------------------------------------------------------------------------
Build 8.0.0.25 - Thu, 29 May 2008 09:57:24 MDT
---------------------------------------------------------------------------
Reports can now be exported to a user defined database table.

The viewer now optionally displays the log name with color.  The
application log name is displayed in green, the system log name is
displayed in blue, and the security log name is displayed in red.  To
display the log names in black, select Options from the Tools menu item.
Select the Display tab.  Lastly, de-select the ‘Display log names using
color’ option.

A toolbar button has been added to the log view toolbar for message
preview.  If you change the option within the log view, the global settings
are not changed.  If you change the message preview option via the View
menu item, the change is global.

We have added the ability to display summary charts when firing emails or
exporting to HTML.  For detailed information, please search on Email and
HTML Templates within the help file.

The code that enables and disables toolbar buttons and menu bar items has
been updated so commands that apply to a window are only enabled when the
window has the appropriate focus.

When separating email addresses with a semicolon followed by a space, the
email function would attempt to send an email to an empty address.  This
bug has been fixed.

If an entry contained more than 4 KBs of data and a syslog action was
executed, the packet was dropped.  The code has been changed to truncate
the message to the maximum UDP packet size allowed.


---------------------------------------------------------------------------
Build 8.0.0.21 - Tue, 20 May 2008 03:02:27 MDT
---------------------------------------------------------------------------
In previous builds users configured syslog filters and actions via the
event log Configuration Wizard.  For ease of use syslog configuration has
been removed from the Configuration Wizard and moved to its own wizard.  To
configure syslog monitoring, highlight the device that contains the syslog
from the Downloaded Logs view.  Right click and select Syslog Configuration
Wizard.

In previous builds the syslog server was only optimized for database
consolidation.  When using the file system to store consolidated logs and
the server received a significant number of syslog messages from the same
device, the CPU could easily get bogged down writing the new entry to the
file system.  The format of the file has been modified to allow for fast
file appending.  This new format may however slow down access to the
entries within the viewer.

When using the file system to store logs, the initial download of a log
would write as many days of entries as defined in the initial download
option and ignore the maximum number of days to store (if set) possibly
causing the initial download to store more days than configured if the
initial maximum days exceeded the maximum number of days to store.  The
file system download has been updated to work the same way downloads to
database work which is to limit the download to the configured initial
maximum number of days to download but also limit the storage to the
maximum number of days to store.

The Report Wizard now automatically selects the installed frequency
detection HTML and email template when a frequency detection report is
created.

In previous builds when changing a report name within the Report Wizard
the original report was not modified but instead a new report was created.
Also, if the new name already existed, the report that had the same name
was overwritten.   These bugs have been fixed.

We have added the tag <ENTRIES> to enable users to display all entries
that pass filter criteria to the message box alert.

The <TIME> tag used to show both the date and time.  We have added the tag
<DATE> and now the <TIME> tag only shows the time and the <DATE> tag shows
the date.  Please update your actions accordingly.

In previous builds if a user logged in and numerous user interface action
were pending they would display continually at login.  When 10s or hundreds
of actions were pending, this format was less than ideal.  If more than 10
actions are pending execution upon user login, the actions are now dumped
enabling the user to login without countless actions being fired.  Please
note the tray icon still displays the red exclamation notifying the user
events have passed filter criteria and are pending review.

The default message for message box actions has been changed to include
all entries that pass filter criteria.  We have also added the ability for
users to set the message box font, font color, and background color.  The
message box also now resizes.  Please note if you have already configured a
message box action your message content configuration will not be modified.

In previous builds the real-time syslog viewer would stop displaying
messages once 1000 messages were received and the user changed the default
column sort or sort direction.  This bug has been fixed.

We have added the ability for users to permanently disable the tray icon
from within the user interface.  To permanently disable the tray icon,
select Options from the Tools menu item.  Select the Display tab.  Under
the Tray Icon heading, check Disable tray icon.

The real-time tab within the Report Wizard now displays all selected
filter names above the frequency detection configuration section.

The help file has been updated to include information on the new features
added.

In previous builds if the application that fired an event log entry did
not properly implement event log resource DLLs, the Windows Event Viewer
would return a message that noted the application bug and include the
message replacement strings.  Network Event Viewer did not show these
replacements strings.  The export to file and application display now
mimics the OS response to applications that do not properly interface with
the OS.  Please note, the Network Event Viewer event log repository has
stored the replacement strings since version 2007 enabling export to EVT
file format.

We added a dialog to distribute download schedules evenly over a
configurable period of time.  The dialog is accessed via the Configuration
Wizard.  Please see the help for more information.

The service log view now offers filter capability.  To view this new
functionality, select Service Log from the View menu item.

The Log Properties dialog now includes a button to view service history.
When clicked, the service log is opened and a regular expression filter
automatically applied to filter out all entries that do not pertain to the
configured log.

In previous builds when creating a frequency detection report with
multiple filters assigned, the selected filters header within the Filters
tab did not list all selected filters.  This bug has been fixed.

Added a MySQL tutorial to the help file.


---------------------------------------------------------------------------
Build 8.0.0.18 - Sun, 11 May 2008 03:20:33 MDT
---------------------------------------------------------------------------
Added multiple data source support called auxiliary data sources.
Auxiliary data sources enable system administrators to view and report on
logs consolidated by other installations of Network Event Viewer.  This
scenario is typically used when an instance of Network Event Viewer is
installed at a remote location, such as a field office or branch, and that
installation pushes log files to a central location such as the corporate
headquarters.  To setup multiple data sources select Options from the Tools
menu item.  Select the last tab called Auxiliary Data Sources.  From this
tab you can configure each auxiliary data source.

In previous builds if a computer was offline and you attempted to view the
consolidated logs properties, the dialog would throw an RPC error and
close.  The error is still thrown, however; the dialog now remains open
enabling administrators to view the Downloaded Log and Top Events tabs.

In previous builds if attempting to clear remote logs via the Downloaded
Logs view and the server in question is offline no error was thrown.
Depending if a single computer or multiple computers are selected an error
is either thrown to a message box or to the output window.

In previous builds when consolidating to the file system rather than a
database all entries that passed filter criteria during a download were
saved to a file called fae7009 located in the common application data
directory rather than within the output directory.  If the environment has
multiple installations of Network Event Viewer installed all pointing to
the same location on the network to store and read consolidated logs, each
installation would only be able to see the events that passed its own
download filters.  The behavior has been changed to match the behavior seen
when using a database to store consolidated logs.  Please note the previous
file is not visible by default.  If you must view the previous file, stop
the service, close the user interface, move the fae7009 file to the output
directory and then rename it to fae80018.  If the file already exists, that
means a download has already occurred and entries passed filter criteria
causing the new file to be created.


---------------------------------------------------------------------------
Build 8.0.0.17 - Wed, 07 May 2008 12:59:16 MDT
---------------------------------------------------------------------------
We added 2 HTML template files that support frequency detection.  The
templates include an extra column named Count.  This column contains the
count of entries that pass the filter criteria.  The template files are
called report_frequency_detection.html and filter_frequency_detection.html.
This files are used for scheduled frequency detection reports and
real-time monitors that apply frequency detection rules.  The files are
located in the installation directory under the HtmlTemplates
sub-directory.  The default location is: C:\Program Files\Network Event
Viewer\HtmlTemplates.  To use the report template, specify the
report_frequency_detection.html file within the Report Wizard.  To use the
filter template create a new Email or HTML export action via the Actions
Manager that points to the filter_frequency_detection.html template.
Lastly, assign the action to your frequency detection rules within the
Configuration Wizard.

When adding new filters within the Configuration Wizard, the Actions and
Real-Time tab did not always refresh the available filters.  This bug has
been fixed.

A non-fatal error was sometimes displayed in the Output window when
opening the Filters dialog.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.16 - Thu, 01 May 2008 08:09:46 MDT
---------------------------------------------------------------------------
Numerous users within large environments have been getting timeout errors.
In response to this issue we have increased the maximum database
connection and command timeout values.  In previous builds the maximum
database connection timeout value was 2 minutes and maximum command timeout
value was 5 minutes.  The maximum connection timeout has been increased to
20 minutes and the default value changed from 15 seconds to 30 seconds.
The maximum command timeout has been increased to 1 hour and the default
value changed from 30 seconds to 5 minutes.

When viewing a log’s properties via the Properties menu item the Apply
button would not enable if the user manually typed a value into the maximum
log size spin control.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.14 - Mon, 28 Apr 2008 09:06:45 MDT
---------------------------------------------------------------------------
This build includes a new report type that enables users to create
frequency reports.  Users assign multiple filters to a report and then set
frequency detection variables to each filter enabling reports such as the
number of times a particular user logged on for the last 24 hours.

The <LATEST_ENTRY> and <OLDEST_ENTRY> tags available within actions
displayed each other’s entry when executed post download or via a scheduled
report.  This bug has been fixed.

When opening the report wizard from the popup menu, upon closing the
wizard the popup menu would sometimes re-display.  This bug has been fixed.

The Download Now menu item is enabled when the Reports and Views view is
selected and focus is contained within a detail document.  In previous
builds, if the user clicked the Download button an error was thrown.  This
bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.12 - Tue, 22 Apr 2008 05:15:23 MDT
---------------------------------------------------------------------------
The less than frequency detection failed to work when no event entries
were received that passed the assigned filter criteria.

Made several minor changes to the help file.

The Mail Connection page within the Options dialog now allows users to
send a test email message.

Build 8.0.0.13


---------------------------------------------------------------------------
Build 8.0.0.11 - Sun, 13 Apr 2008 10:57:23 MDT
---------------------------------------------------------------------------
Added frequency detection support to download schedules as well as real
time monitors enabling administrators to receive notification when an event
fails to fire within a specified frequency or fires more often than
expected.

On some systems, the service was unable to real-time monitor the local
security log file.  This bug has been fixed.

When viewing a log, if you delete the downloaded log from the Downloaded
Logs view, the log view displayed (null) under the log column.  This bug
has been fixed.

When receiving syslog messages from routers or other devices that do not
have host names associated with them and when using MySQL to consolidate
logs, Network Event Viewer attempted to use the IP address within the table
name.  This bug has been fixed.


---------------------------------------------------------------------------
Build 8.0.0.9 - Tue, 01 Apr 2008 03:11:33 MDT
---------------------------------------------------------------------------
When configured to backup previously downloaded log files and the syslog
server was running, a file was created for each syslog messages received.
The behavior has been changed so entries are pre-pended.

When configured to overwrite previously downloaded log files and the
syslog server was running, the syslog file would only contain the last
entry.  The behavior has been changed so entries are pre-pended.

On Windows Vista, when double-clicking on the tray icon, an error would
display if the operating system was unable to start the application.  This
bug has been fixed.

The clear function did not always work when clearing the local event logs.
This bug has been fixed.

The scheduler was updated to include exclusion periods for minute based
schedules.

Fixed forward and backward clock issues.

In previous builds, when syslogging to the localhost, the application
syslog messages did not correctly bind to the local adapter.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 8.0.0.7 - Wed, 19 Mar 2008 10:55:31 MDT
---------------------------------------------------------------------------
Added the ability to print the current page.  Network Event Viewer uses
the ‘view.html’ template to produce a temporary HTML file.  This file is
then opened using the program associated with HTML documents.  Users can
create their own custom template that includes their corporate look and
feel as well as which columns to print.

The Filter Action Events view contains a list of all entries that passed
assigned filter criteria during a log download.  Many users are now
exporting all entries to EVT file format using empty filters.  In previous
builds, if a filter was empty, all entries were duplicated in the filter
action events log repository.  The behavior has been changed so entries are
only written to the filter action events log repository when the filter has
criteria assigned (in other words it’s not empty).

When consolidating to the file system, if a log contained multiple
identical entries, the user could not set the flag or notes for any
duplicate entry other than the first entry found in the log repository.
This bug has been mostly fixed.  If you open the user interface, display
the log, allow the service to download new entries, then attempt to set an
entry other than the first entry found, the first entry is still set.

In previous builds actions might fail if the actions data file was empty.
This bug has been fixed.

The clear function used an old internal .Net API.  The function has been
updated to use WMI when appropriate.

When refreshing the Network view, the mapped computers node was removed
from the view.  This bug has been fixed.

The database, file export, and email actions did not log user friendly
message upon failure.  These bugs have been fixed.


---------------------------------------------------------------------------
Build 8.0.0.4 - Sun, 02 Mar 2008 10:55:31 MST
---------------------------------------------------------------------------
File export actions applied to scheduled downloads now optionally
automatically backups previously created files to a sub-directory called
backup.

In previous builds the export to EVT did not create the output directory
if it did not exist.  This bug has been fixed.

When a user selected to display the report from the Report Wizard the
report was not automatically displayed.  This bug has been fixed.

We recently learned users were creating empty filters and applying them to
all downloads so they could create EVT file backups.  The software saves
all passed entries to an alerts file.  This functionality was for 2
reasons.  First, it was added so user interface alerts could display the
events that passed the filter criteria.  Second, it was created so some
time in the future we could see the history of the alerts and their
contents.  Since this format is file based and the software already saved
all entries to the filter action events table or file this functionally
does not add much value.  The software has been modified so events are
added only when a user interface action is assigned.

When multiple actions were applied to the same download configuration,
each entry that passed the filter was added to the filter action events
table or file once for each action.  This bug has been fixed.

If a user deleted all the Filter Action Events entries, the next time
entries were appended to the log a non-fatal error was thrown while
attempting to truncate the log.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.64 - Tue, 29 Jan 2008 01:48:52 MST
---------------------------------------------------------------------------
If an action was removed but still assigned to a download configuration,
an object reference error was thrown during download and when closing the
Configuration wizard.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.63 - Wed, 23 Jan 2008 09:03:29 MST
---------------------------------------------------------------------------
Administrators can now monitor event logs in real-time.

In previous builds logical groups in the Configured Computers view were
always expanded.  When creating multiple logical groups with many
computers, this view format was cumbersome.  The behavior has been changed
so the view is only expanded if a single logical group exists.

The Actions Wizard did not save the vertical resize bar location.  This
bug has been fixed.

The Actions Wizard now supports selecting and deleting multiple actions at
the same time.

In previous builds the message box action did now force the message box to
the top of the window order.  This bug has been fixed.

In previous builds viewing the Properties Dialog for an available syslog
caused an error to be thrown and the dialog would immediately close.  This
bug has been fixed.

In previous builds administrators were unable to set the remote log
properties via the Properties Dialog due to a code obfuscation bug.  This
bug has been fixed.

The help file was updated to reflect changes made since the previous build
of the help file.


---------------------------------------------------------------------------
Build 7.0.0.60 - Tue, 15 Jan 2008 08:13:07 MST
---------------------------------------------------------------------------
When creating a complex time based filter users would receive an error
when applying a type other than a custom time.  Users were also not able to
see updates when applying a custom time.  These bugs have been fixed.

The syslog server logged received entries to a file so the viewer could
easily display the received entries.  This file was never truncated.  The
behavior has been changed so the file is only written to when the viewer is
open.  When the viewer closes, the file is now deleted.


---------------------------------------------------------------------------
Build 7.0.0.57 - Mon, 07 Jan 2008 09:10:20 MST
---------------------------------------------------------------------------
Currently all alerts are logged to a binary file for future display of
historical alerts.  By default all alerts and entries associated with the
alerts were saved for 90 days.  The nevti (tray icon) executable loads this
file during startup to fire all alerts that occurred while the primary user
was logged off.  Currently there is no way to set this value other than
manually setting a registry entry.  The application has been updated to
default this value to 3 days.

The Display Logs popup menu item did not always enable or disable
correctly.  This bug has been fixed.

The service did not truncate the syslog log files when entries were
received.  The service has been updated to truncate the syslog log files
once an hour.


---------------------------------------------------------------------------
Build 7.0.0.55 - Fri, 28 Dec 2007 09:16:28 MST
---------------------------------------------------------------------------
In previous builds, messages that contained a slanted ' could not be
written.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.54 - Thu, 20 Dec 2007 09:31:26 MST
---------------------------------------------------------------------------
When displaying logs in previous builds, if no entries were found on the
first page, the viewer did not automatically move to the next page.  We
have added an auto advance option which automatically searches each page
until an entry that matches the current filter criteria is found.

In previous builds users did not have the ability to quickly advance to a
specific page.  Users can now select a date they wish to view.  Once
selected the viewer displays the page that contains the selected date.

Added a Downloaded Log tab to Log Properties dialog.

Added a Top Events tab to the Log Properties dialog that enables users to
query the log for the top x number of unique events.

When highlighting a log in the Downloaded Logs view in previous builds,
the log was automatically displayed.  This was an annoyance when users
wanted to view the Log Properties dialog or execute another function
available via the right click popup menu.  The behavior has been changed to
display the popup menu immediately after the user highlights the log. A new
menu item was added to the top of the popup menu enabling the user to
display the log.

Users can now create time based filters enabling messages that are
received during maintenance hours to be ignored.

Users can now create filters that limit results to a specified number of
hours prior to the current time.

Fixed a syslog server error when the service was syslogging its own
messages, the syslog server was on, and the connection to the database
could not be made.

In previous builds, the Find toolbar item was enabled when no merges were
displayed.  This bug has been fixed.

When using MySQL, if the service was unable to connect to the database, an
error was written to the log stating and exception was thrown rather than
including the error message sent by the MySQL data access library.  This
bug has been fixed.

The message box alert maintains alert history.  In previous builds the
list was never truncated causing memory to leak.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.52 - Tue, 04 Dec 2007 09:01:37 MST
---------------------------------------------------------------------------
Network Event Viewer now supports archiving entries to a secondary event
log database table when using a database to consolidate logs.

Updated the help file to include information on archiving and updated
syslog section to better explain how to monitor syslog messages.  Also made
several minor changes to the help file.

In previous builds, when adding a filter via the Configuration Wizard or
the Report Wizard, if the user clicked the Close button on the Filters
dialog, any new filters added were not inserted into the available filters
list.  This bug has been fixed.  Also, now if the user clicks the Select
button from the Filters dialog, the filter is automatically selected in
both wizards.

In previous builds, the status window would display a bogus time if the
configuration computer’s logs had not yet been downloaded.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 7.0.0.51 - Sun, 18 Nov 2007 10:37:35 MST
---------------------------------------------------------------------------
When downloading logs, a DNS lookup is run to minimize timeouts for off
line computers.  When IP addresses are mapped, the DNS lookup may fail
causing the download to fail.  The download function no longer runs DNS
lookups for IP addresses.

Uses can now backup the software configuration to file.  To backup, select
Export Configuration from the Tools menu item.  To import, select Import
Configuration from the Tools menu item.  Please note, the current
configuration is deleted prior to the application of the saved
configuration.


---------------------------------------------------------------------------
Build 7.0.0.49 - Mon, 05 Nov 2007 07:41:00 MST
---------------------------------------------------------------------------
Double-clicking log in status window now displays the downloaded event log
file.

When the mouse hovered over a status window item, the item became
underlined, however; clicking on the items did nothing.  Most of the items
listed now take the user to a specific configuration dialog.

In previous builds, the system status window did not reflect changes made
from the options dialog until after the system status windows was
re-opened.  This limitation has been resolved.

Users can now rename logical groups from the Downloaded logs view.

In previous builds, the syslog server did not immediately start when the
service was restarted.  The syslog server is now immediately started.

In previous builds, the Change Service Login wizard did not permit the
user to clear the assigned account to run the service under the Local
System account.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.48 - Thu, 01 Nov 2007 08:45:57 MDT
---------------------------------------------------------------------------
Several changes were made to the Active Directory connection dialog as
well as the code that creates the query string enabling support for
connection strings that contain the actual hostname and port the LDAP
server resides.

In previous builds, users could not use email servers such as gmail
because they require a SSL connection.  SSL support has now been added to
the email client.

The remote log properties dialog was updated to include download now and
view now buttons.

The Active Directory Auto Configuration dialog did not resize properly.
This bug has been fixed.

When storing logs to the file system, the size field in the File System
Status window in the System Status form did not include archived logs found
in sub-directories.  This bug has been fixed.

The Active Directory auto configuration was only able to monitor nodes
directly under the root.  This bug has been fixed.

Previously, the Auto Configurator did not have a method to assign login
credentials. The Active Directory configuration dialog now includes an
optional domain field for specifying the login account.  When configuring
new computers, the Auto Configurator assigns the account information
assigned to the Active Directory configuration.

The Configuration Wizard includes a new tab for specifying an alternate
account to use when downloading logs.  This functionality enables users to
select a set of computers and update the account information all at once.

Impersonated calls to WMI did not include domain information.  This bug
may have incorrectly caused access denied errors when connecting to
computers on another domain.  This bug has been fixed.

The HTML templates have been updated.

The export to EVT would fail if a user specified in a log entry could not
be resolved.  This bug has been fixed.

The Report wizard did not validate the output file extension.  This bug
has been fixed.

When the service failed to download or save an event log, a download error
was written to the nev.log file, however the host name and event log name
were not included in the message.  The log message now contains this
information.


---------------------------------------------------------------------------
Build 7.0.0.44 - Wed, 17 Oct 2007 10:26:54 MDT
---------------------------------------------------------------------------
The syslog viewer would not display entries that contained tabs in the
message.  This bug has been fixed.

Increased the optional maximum size of the file system based cached logs
from 5 MBs to 20 MBs.


---------------------------------------------------------------------------
Build 7.0.0.43 - Tue, 16 Oct 2007 06:47:35 MDT
---------------------------------------------------------------------------
Available event logs were previously discovered using a .Net API even when
the WMI API was selected.  This bug has been fixed.

The default database command timeout has been increased from 30 seconds to
2 minutes.

The Actions Manager form now enables users to resize the list of
configured alerts.

The output and service output windows have been updated to use a control
that automatically wraps message text.

Added New Logical Group toolbar button.

Updated Configure Actions icon and added toolbar button.

When using the up and down button in the Entry Form, focus would switch to
the viewer.  Focus now remains in the Entry Form.

In previous build if a user dragged a syslog viewer column header and
dropped the header anywhere other than on top the list view header, the
column was lost. This bug has been fixed.

When a sub-tree item in the Network view tree was selected and the parent
was then collapsed, the parent would immediately expand.  This bug has been
fixed.


---------------------------------------------------------------------------
Build 7.0.0.42 - Wed, 10 Oct 2007 04:06:10 MDT
---------------------------------------------------------------------------
A fatal error was thrown when configuring a new computer and not
specifying a logical group.  This bug has been fixed.

The list item icons in the detail view all displayed one pixel too low.
This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.41 - Thu, 04 Oct 2007 10:15:18 MDT
---------------------------------------------------------------------------
When the syslog server received a message from a device that did not have
a hostname associated with it, an error was thrown and the message was not
saved.  The server now uses the IP address in place of a hostname.

The Configured Computers tree view did not sort the logical groups.  This
bug has been fixed.

The Actions Manager dialog did not sort the actions.  This bug has been
fixed.

The Configuration Wizard did not sort the available and assigned filters
and actions.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.40 - Tue, 02 Oct 2007 10:16:03 MDT
---------------------------------------------------------------------------
The help file was updated to reflect many of the recent enhancements.

Updated the type icons displayed in the toolbar and merge view.

When clearing a filter, sometimes the type filter would clear as well
causing nothing to display.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.39 - Sun, 30 Sep 2007 12:45:21 MDT
---------------------------------------------------------------------------
When many computers were listed in the Configured Computers view, there
was no way to drag and drop a computer to a logical group that was not
currently displayed on the screen.  The nodes in the tree view now scroll
when dragging to a logical group that is not currently displayed.

Users can now assign computers to a logical group from the Configuration
Wizard.

Updated the 3rd party menu bar, toolbar, and docking windows controls to
build 2.0.0.94.


---------------------------------------------------------------------------
Build 7.0.0.38 - Thu, 27 Sep 2007 09:30:14 MDT
---------------------------------------------------------------------------
When making some installation changes for Windows Vista, a maintenance
installation bug was introduced that caused some maintenance installations
to fail.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.37 - Wed, 26 Sep 2007 11:31:01 MDT
---------------------------------------------------------------------------
Modified the help contents of the Intro tab of the Configuration Wizard.

Added tool tips to the filters and actions buttons on the Actions tab of
the Configuration Wizard.

Modified the help contents of the Intro tab of the Report and View Wizard.

Modified the Verify tab of the Report and View Wizard to more clearly
explain that actions are only executed when a report is run from the
Windows Service on behalf of an enabled schedule.

When discovering logs, some computers return a registry access denied
error.  The UI now automatically displays the Map Computer dialog enabling
credentials to be assigned.

When displaying a report or view in the UI, if you cleared the filter, all
type filters were also cleared.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.36 - Tue, 25 Sep 2007 09:20:56 MDT
---------------------------------------------------------------------------
On certain systems update installations and un-installations would fail
due to a system library missing.  This bug has been fixed.

On some systems the selected or focused System Status list item was
difficult to read.  This bug has been fixed.

We made some minor changes to the syslog server status to more accurately
display the status.

Rarely the menu bar, toolbars, and navigation window would disappear.  We
have been unable to duplicate the problem, however; we have added some code
to ensure the menu item, toolbars, and navigation window always displays at
startup.


---------------------------------------------------------------------------
Build 7.0.0.35 - Sun, 23 Sep 2007 09:02:00 MDT
---------------------------------------------------------------------------
On certain machines, Network Event Viewer was unable to download the local
security log file.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.34 - Thu, 20 Sep 2007 09:05:04 MDT
---------------------------------------------------------------------------
If the system was shutdown while a download was running and using a
database to consolidate logs, entries not already downloaded and saved
would not be consolidated.  To fix this bug we have added transaction
support to our download algorithm.

If the consolidation database ran out of space and entries existed outside
the maximum number of days to store, the download would still fail.  This
occurred because the truncate function was always executed after the
download.  Since the download failed, the truncate function was never run.
The behavior has been change so the truncate function is now run first
freeing up space for the next download.

If the consolidation database ran out of space there was no way to
decrease the maximum number of days and then manually truncate the
database.  The Options dialog now includes a button to allow users to
manually truncate the database to a specific number of days.

If a user sets type filters (info, warning, critical, etc.) in the viewer
and then sets and clears a filter, the type filters remain set.  This may
be problematic when viewing large logs.  The user would have to remember to
set the type filters back the way they wanted them before they cleared the
filter.  The behavior has been changed to the viewer remembers the type
filters selected prior to selecting a filter.  When the filter is cleared,
type filters are then set back to the values prior to the filter being set.

The merge information window above the viewer used to always contain every
log that was initially selected in the merge.  Now if the user deselects
one of the log toolbar buttons after a merge, the merge information
contents are updated so that log name no longer appears in the merge
information window.

The manual export logs to file function did not allow users to define the
filename.  Users can now specify 4 different tags to help create automatic
filenames that make sense to the user.  The tags are <HOST>, <LOG>, <DATE>,
and <TIME>.

There are many different type of access exceptions that get thrown when
discovering logs and downloading log contents.  The viewer handles some of
these exceptions and when appropriate offers the user the option to map
credentials to the computer.  Several more access exceptions are now
handled.

The Configuration Wizard would enable users to create a configuration
without any logs selected.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.33 - Tue, 18 Sep 2007 12:58:28 MDT
---------------------------------------------------------------------------
When downloading entries the service or user interface would hang if
attempting to truncate the filtered action events log.

The application would sometimes display a window (that you could not
close) in the taskbar or on the desktop when a message box action was fired
immediately following a user login.  A delay of one minute has been added
so this Windows bug is hopefully avoided.


---------------------------------------------------------------------------
Build 7.0.0.29 - Sun, 16 Sep 2007 10:57:12 MDT
---------------------------------------------------------------------------
Added move up and move down functionality to the complex filter dialog.

Users can now convert simple filters to complex filters.

The simple filter criteria dialog now includes a combo box to filter
events based on the flag, flag complete, or no flag.

Added action column which shows a red exclamation point if the entry
passed an assigned filter when it was downloaded.

Updated the red flag, flag complete, and clear flag icon.

In previous builds, when adding a new group to a complex filter and no
criteria was selected, the group was added below the first criteria.  The
group is now added to the end of the list.

Added Ctrl-C handler to system status items enabling the user to use text
to speech software on this page.

The Ctrl-C event handler was not being properly handled when focused on an
entry.  This bug has been fixed.


---------------------------------------------------------------------------
Build 7.0.0.28 - Wed, 12 Sep 2007 11:59:16 MDT
---------------------------------------------------------------------------
In previous builds the tab order was accidentally changed.  This bug has
been fixed.

In previous builds if you assigned a filter without assigning an action, a
cast exception was thrown.  This bug has been fixed.

From the Configuration Wizard, when an assigned filter or action was
assigned to a sub-set of selected configurations the highlight color and
highlight text colors were difficult to read on certain themes.  This bug
has been fixed.

From the Configuration Wizard, when removing the last action from an
assigned filter, the filter was removed in the configuration but not form
the user interface.  The behavior has been changed to leave the filter
assignment in the configuration.

From the Configuration Wizard, when double-clicking an item in the
assigned filters or assigned actions list box a fatal error was thrown.
This bug has been fixed.

In previous builds the installation was not updating the toolbar settings
file.  Several newly added toolbar items were not displaying.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 7.0.0.26 - Mon, 10 Sep 2007 06:15:46 MDT
---------------------------------------------------------------------------
Added MDI support.  Each log or merge is now displayed in its own tabbed
window enabling users to flip between different logs.

An automatic log discovery function was added enabling systems
administrators to search a domain for a specific computer name or computer
type, discover the available logs, and lastly select the specific logs.
This function is available for both the Network view and the Active
Directory view.  Users can also use this function to select specific logs
via the Downloaded Logs view.  To use this function, select the domain or
logical group and select Select Specific Computers from the Tools menu
item.

The message preview has been modified to remove line feeds and white space
enabling more of each message to display.


---------------------------------------------------------------------------
Build 7.0.0.25 - Mon, 03 Sep 2007 08:53:08 MDT
---------------------------------------------------------------------------
Network Event Viewer now includes a Syslog server that saves received
messages enabling users to consolidate syslog messages, assign filters, and
fire actions.

Logs can now be consolidated to a MySQL 5.0 database.

The viewer now optionally displays a preview of each message.

The Downloaded Logs view now lists all logs under their corresponding
logical group.

When a domain is enumerated via the Network View or the Configuration
Wizard, the each computer type is determined enabling the software to
display different icons for domain controllers, computers running SQL
Server, servers, and workstations.  Users can automatically select any of
the 4 types by right clicking the Network View and selecting Select
Specific Computers.

We have added simple filters back into the application.  Users can now
create simple and complex filters.

Users can now associated comments with each entry.

Actions have been totally overhauled.  Users now configure global actions
and assign them to download configurations enabling simpler action
management and assignment.  Network Event Viewer now supports firing sound
and message box notifications.  The system tray popup has been overhauled
as well enabling the oldest entry that passed filter criteria to appear in
the balloon popup.

Users can now export event logs to the Windows EVT format enabling
consolidated logs to be viewed in Windows Event Viewer.

In 6.0 filter action events were stored in a file.  In 7.0 if using a
database backend to store consolidated logs, the filter action events are
now stored in the database.  This format enables multiple installations of
Network Event Viewer to view the filter action events.

Users can now rename logical groups by pressing F2 from the Configured
Computers view.

Added the ability to flag filter action events.

The Configuration Wizard now verifies download rights against the
Application log which should decrease the amount of security errors users
receive.

Added logical group tree node expanders to the Configured Computers view
enabling users to easily expand and collapse logical groups.

Added an On Enter handler to the Find window enabling users to type a
message to search for and press enter without having to use their mouse to
click on the Find button.

Updated the View Service Log toolbar icon.

When downloading logs from Vista computers or remote computers with
different time zones set, the time was stored incorrectly.  This bug has
been fixed.

If storing event logs in SQL Server and a message was over 4096 bytes, a
truncate error was thrown stopping all older entries from being saved.  The
message is now truncated and all older entries saved.

In later builds of 6.0 a bug had been introduced that disabled navigation
through the viewer from the entry popup window.  This bug has been fixed.

The Active Directory Auto Configuration dialog used to open when there
were no current configurations and no active directory node was selected.
This bug has been fixed.

The Find window did not trap the On Delete event enabling the user to
delete characters from the message search text box.  This bug has been
fixed.

Tab order for some items in the Filter dialog was incorrect.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 6.0.0.61 - Sun, 12 Aug 2007 07:42:13 MDT
---------------------------------------------------------------------------
Logs that contained events with null messages would not display when a
filter that contained message criteria was applied.  This bug has been
fixed.


---------------------------------------------------------------------------
Build 6.0.0.60 - Tue, 24 Jul 2007 09:29:47 MDT
---------------------------------------------------------------------------
Regular expression evaluation for event type filter criteria did not work.
This bug has been fixed.

Does Not Contain exclusion filter criteria did not work.  This bug has
been fixed.

When deleting a filter, the mouse cursor would switch to an hour glass
without returning to a pointer until the dialog was closed.  This bug has
been fixed.


---------------------------------------------------------------------------
Build 6.0.0.58 - Mon, 16 Jul 2007 05:26:43 MDT
---------------------------------------------------------------------------
When selecting a log file via the Network view, if access is denied no
message box was displayed.  A message box is now displayed and the user is
given the opportunity to specify credentials.

When opening the Options dialog before any logs have been downloaded,
users would be asked to create the output directory.  The output directory
is now automatically created.

When browsing for the html template via the options dialog, the folder was
not automatically selected.  This bug has been fixed.

In the download status window, the word ‘entries’ was misspelled in 2
different places.

When configuring a new computer, the Enabled check box was un-checked.
The check box is now checked.

When viewing the properties for certain event log files, such as Internet
Explorer, an object reference error was thrown.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.57 - Mon, 02 Jul 2007 01:12:32 MDT
---------------------------------------------------------------------------
All application data files are now stored in the common and application
data paths.

When converting legacy filters and creating new filters, the match case
and use regular expressions flags were not saved.  This bug has been fixed.

The Filter Action Events view now supports multi-select enabling users to
delete multiple filtered events from the view.

When applying a filter, in previous builds, the type filters that were
current set were still executed.  In other words, if the filter stated to
show all, for example, warning events, but the warning event type toolbar
button was de-selected, no warning events would be shown.  The application
now sets all event type filters and then executes the filter.  Once the
filter has executed, the user can then use the event type toolbar buttons
to filter out specific event types.

The toolbars were updated to isolate filter toolbar buttons.

When merging logs, the host names and log names that are contained in the
merge are now displayed in the detail view.  The header can now be resized
so all merge information can be viewed.


---------------------------------------------------------------------------
Build 6.0.0.56 - Thu, 28 Jun 2007 08:54:36 MDT
---------------------------------------------------------------------------
Filtering has been totally overhauled.  You can now create nested search
criteria that includes support for AND, OR, and NOT criteria.

When deleting a filter, reports were not scanned for dependency.  This
caused reporting to fail with an object reference not found error.  This
bug has been fixed.

Added De-Select All menu item to the Network view’s right click popup
menu.

The installation now closes all open Network Event Viewer windows.


---------------------------------------------------------------------------
Build 6.0.0.53 - Thu, 07 Jun 2007 07:59:14 MDT
---------------------------------------------------------------------------
Email content and HTML output can now be customized using file templates.

Added tag insertion support to the Configuration Wizard, the Reports
Wizard, and the Option’s dialog Mail Contents tab.

When the application starts up the first time, the user is no prompted to
configure the email server connection.

When creating or modifying a report, the check box to run the report upon
dismissing the dialog is now checked by default.

The Option’s dialog description of the maximum number of days to download
was updated.

The content of the Report Wizard’s Verify tab was updated.

The help file was updated.


---------------------------------------------------------------------------
Build 6.0.0.52 - Thu, 31 May 2007 11:21:58 MDT
---------------------------------------------------------------------------
In previous builds, networks that have Novell servers would list the
servers in the network view.  Since Novell servers do not have Windows
Event Logs, this node no longer appears in the Network view.

A minor bug that generated a ‘File not found’ error in the service log has
been fixed.  Several status messages were added to the Report algorithm.

Several changes were made to increase the load time of the internal
service log when viewed from the user interface.  The entries are also now
sorted from oldest to newest.


---------------------------------------------------------------------------
Build 6.0.0.51 - Wed, 23 May 2007 04:28:34 MDT
---------------------------------------------------------------------------
Since logical grouping was added, the new Configuration Wizard would
always throw a cast exception when dismissed.  This bug has been fixed.

Since logical grouping was added, a refresh of the Configured Computers
view would cause all items under the Unassigned Logical Group to reload.
This caused any checked items to lose their check state.  This bug has been
fixed.


---------------------------------------------------------------------------
Build 6.0.0.50 - Sun, 20 May 2007 08:53:54 MDT
---------------------------------------------------------------------------
Since build 6.0.0.46, the tray icon was not updating properly.  This bug
has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.49 - Wed, 16 May 2007 10:48:31 MDT
---------------------------------------------------------------------------
The installation executable and all Corner Bowl Software developed
binaries are now digitally signed.

On Windows Vista, the tray icon did not startup the application with
administrator rights.  A manifest file was added to fix this bug.


---------------------------------------------------------------------------
Build 6.0.0.48 - Wed, 09 May 2007 10:50:23 MDT
---------------------------------------------------------------------------
On Windows Vista, the installation would install the shortcuts with
Standard rights even though the program requires administrator privileges.
This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.47 - Tue, 08 May 2007 01:19:24 MDT
---------------------------------------------------------------------------
When running on Windows Vista, the software would send the IP address
instead of the domain in the HELO or EHLO commands.  Since Vista defaults
to IPv6, the command would fail.  The behavior has been changed to send the
domain as required by the RFC 821 rather of the IP address.

Previously there was no way to download a portion of a log file that
contained hundreds of thousands of entries per day during the first
download.  To accomplish this, users must change the default WMI download
option from ‘Minimize remote CPU…’ to ‘Minimize local memory…’ via the
Options dialog.  Once selected, any attempted first downloads which are
cancelled, are now saved.


---------------------------------------------------------------------------
Build 6.0.0.46 - Fri, 04 May 2007 10:50:43 MDT
---------------------------------------------------------------------------
In previous builds, Network Event Viewer only supported SQL Server
authentication.  The application now supports both SQL Server and Windows
Authentication modes.  Use the Options dialog to set the login preference.
Please note, the Network Event Viewer service must be running with
appropriate Windows credentials to properly connect.

Moved all registry keys from Janco Associates, Inc. to CornerBowl.


---------------------------------------------------------------------------
Build 6.0.0.45 - Thu, 03 May 2007 09:37:51 MDT
---------------------------------------------------------------------------
A help message is thrown when the user attempts to deselect all message
types or logs from the toolbar.

In demo mode the Configuration Wizard was allowing users to configure more
than 4 computers.  Once configured, users could not open the Configuration
Wizard with all the configured computers selected.  This bug has been
fixed.

When scheduling a report, the Verify configuration tab displayed the
schedule incorrectly.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.44 - Tue, 01 May 2007 09:07:18 MDT
---------------------------------------------------------------------------
Users can now place configured computers into logical groups.  To create a
new logical group, select New Logical Group from the File menu item.
Specify a name.  Use the mouse to drag and drop each configured computer to
the appropriate logical group.


---------------------------------------------------------------------------
Build 6.0.0.43 - Mon, 30 Apr 2007 08:13:26 MDT
---------------------------------------------------------------------------
Network Event Viewer can now watch Active Directory tree nodes for new
computers.  When a new computer is discovered, pre-configured settings are
applied and logs automatically monitored and archived. Configuration
settings are saved via the standard Configuration Wizard dialog.  The
Configuration Wizard dialog also now supports loading already saved
configuration templates.

All the combo boxes that list Event Logs now include the default Windows
Server logs:  Directory Service, DNS Server, File Replication Service.


---------------------------------------------------------------------------
Build 6.0.0.42 - Sun, 08 Apr 2007 05:57:52 MDT
---------------------------------------------------------------------------
In previous builds users on networks that utilize HTTP proxy servers were
unable to register the software and receive automatic product updates.
Once the proxy server is set via the registration dialog, users now receive
automatic updates.


---------------------------------------------------------------------------
Build 6.0.0.40 - Mon, 26 Mar 2007 10:04:54 MDT
---------------------------------------------------------------------------
When a filter was created from the Configuration Wizard dialog, the
toolbar filter combo box was not updated.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.39 - Mon, 19 Mar 2007 07:31:58 MDT
---------------------------------------------------------------------------
When overriding the default output filename in the Configuration Wizard,
the file browse dialog did not include support for html or txt files.  This
bug has been fixed.

The Report Configuration wizard did not include support for output to html
or txt files.  This bug has been fixed.

When exporting Report results to csv or xml, an object reference error was
thrown and the report would not be generated.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.38 - Wed, 14 Mar 2007 09:55:16 MDT
---------------------------------------------------------------------------
The viewer now, optionally, automatically refreshes the log view.  To
enable auto refresh and set the refresh frequency, open the Options dialog
from the Tools menu item.  Select the Display tab.  Specify the refresh
options.


---------------------------------------------------------------------------
Build 6.0.0.37 - Mon, 26 Feb 2007 08:23:09 MST
---------------------------------------------------------------------------
Users can now create filters for all events that have occurred today,
yesterday, the current week, or the previous week.


---------------------------------------------------------------------------
Build 6.0.0.36 - Wed, 21 Feb 2007 11:21:54 MST
---------------------------------------------------------------------------
Network Event Viewer now supports on-demand and scheduled reporting of
downloaded logs.  This functionality has been long awaited and now offers
systems administrators the ability to receive weekly reports of specific
events.  Please note, events are sorted by date in ascending order.


---------------------------------------------------------------------------
Build 6.0.0.34 - Tue, 16 Jan 2007 11:29:05 MST
---------------------------------------------------------------------------
You can now email download error alerts.  To configure the service to
email an alert when a download fails, select Options from the Tools menu.
At the bottom of the download tab, enable the error email alert, specify
the address, and lastly specify the subject.  The subject supports the
following replacement tags: <HOST>, <LOG>, <ERROR>.

If the user moved the navigation bar commands up or down, the new position
were lost when the application was re-loaded.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.33 - Tue, 09 Jan 2007 07:59:04 MST
---------------------------------------------------------------------------
Users can now configure computers grouped within Active Directory nodes.
The default Active Directory tree is discovered, however; other Active
Directory trees can be configured via the Options dialog.  Manual
configuration may be required if running via a VPN connection.

The HTML output was updated to better support printing.


---------------------------------------------------------------------------
Build 6.0.0.30 - Mon, 18 Dec 2006 09:41:59 MST
---------------------------------------------------------------------------
A large download would previously block downloads scheduled after the
large download started.  The download algorithm has been enhanced so other
downloads can start while a large download is currently running.

Modified the format of the output messages so they are easier to read.


---------------------------------------------------------------------------
Build 6.0.0.29 - Fri, 15 Dec 2006 02:59:59 MST
---------------------------------------------------------------------------
When using SQL Server to store logs on an Italian system, an error was
thrown preventing the logs from being stored.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.28 - Thu, 07 Dec 2006 08:16:47 MST
---------------------------------------------------------------------------
When downloading, NEV would leak temporary files.  This bug has been
fixed.

On computers running UK locale systems, NEV was unable to truncate SQL
Server tables.  This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.27 - Tue, 05 Dec 2006 02:37:40 MST
---------------------------------------------------------------------------
Both the search criteria and find dialog now optionally support regular
expressions for Source, Category, Event ID, and User.

Updated the view detail header color for the Royal theme.


---------------------------------------------------------------------------
Build 6.0.0.26 - Wed, 15 Nov 2006 09:02:47 MST
---------------------------------------------------------------------------
The map computer dialog automatically displays when selecting a computer
on the Logs tab of the Configuration Wizard or when selecting a computer
from the Network View and the user's credentials do not have rights to
query the list of available logs.

The 'Limit filter actions to new entries' option has been removed.  This
option made little sense and was likely confusing to many.  We removed this
option to simplify the download tab of the options dialog.  The option
enabled users to apply a new filter to all previously downloaded entries
and execute filter actions for the entire log file (not including archived
or backed up entry files).  If a new filter is created and a filter action
needs to be applied to entries already downloaded, delete the downloaded
log file and wait for the next scheduled download.  If other filter actions
have been assigned and entries already passed those filters, the assigned
filter action will execute again.  If you use this option, please contact
us to talk about your situation so we can determine if we should roll the
option back in.

When downloading a log and either the maximum number of days to store (SQL
Server) or the maximum file size (file system) is reached, the message
output was 'informational'.  The level has been increased to 'notice' and
the message string updated.

If a computer was mapped with lower case and logs were retrieved from the
Network View (and the casing in the network view was upper), 2 computers
would display in the downloaded logs view. Entries downloaded from the
Network View would display the host name in the casing as seen in the
Network View while logs downloaded via the Configured View or Downloaded
logs view would display in the casing used when the computer was mapped.
Computer nodes now always display in upper case in the Downloaded Logs
view. All entries now display the hostname in upper case as well.

On some systems the output windows would display the icons with a black
background.  This bug has been fixed.

The icons in the detail list view were washed out.  This bug has been
fixed.


---------------------------------------------------------------------------
Build 6.0.0.22 - Fri, 20 Oct 2006 02:29:45 MDT
---------------------------------------------------------------------------
Made numerous help file updates per recent GUI and engine changes.

When mapping a computer, the computer is now automatically selected.

Added select all and de-select all to Download Logs and Filter Action
Events views.

Updated several menu bar/toolbar item states.

Update the tip of the day content.


---------------------------------------------------------------------------
Build 6.0.0.21 - Wed, 18 Oct 2006 01:59:47 MDT
---------------------------------------------------------------------------
Added Getting Started section to help which includes sample tasks.

Added SQL Server connection and command timeout configuration parameters
to the Option dialog.

The toolbar buttons were not updated when moving focus to the Configured
Computers view. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.20 - Tue, 17 Oct 2006 12:44:48 MDT
---------------------------------------------------------------------------
Removed the filter combo box from the Filter menu item. Renamed Manage
Filters menu item to Filters. Updated the content and the visual appearance
of the View Filters dialog and renamed the View Filters dialog to Filters.
Renamed the Add Event Filter dialog to Filter Criteria.

Removed the message ‘You must check at least one computer’ in all cases
except when selecting the Merge command and no computers or logs are
selected.

Updated several menu bar and toolbar command states.


---------------------------------------------------------------------------
Build 6.0.0.19 - Sun, 15 Oct 2006 11:45:49 MDT
---------------------------------------------------------------------------
When using the file system to store logs, the backup option used to
re-download the entire log. The functionality has been changed to only
download the entries since the previous download. All previous entries are
backed up, and the new entries appear in the root log. To view all the
entries at once, simple select the logs in the date folders to merge.

The notifications or filter action events, used to display in a popup
Window. The Window was removed in build 6.0.0.12 and replaced with a tree
node in the Downloaded Logs view. The tree node no longer exists in the
Downloaded Logs view. Instead a Navigation view called Filter Action Events
was added. Each filter action that has had entries pass is displayed. To
remove all entries for a specific filter action, select the filter action
and click the Delete toolbar icon.

Added 3 view icons to the Data view. You no longer have to right-click to
view the data in Ascii or Unicode format. The view format was not saved in
previous builds, this bug has been fixed.

All of the Navigation views now support smart refreshing. Instead of
reloading each view when a change is made, the tree is iterated, new items
added, old items removed.

From the Configured Computers view, all computers with at least one log
configured for automatic download display a clock in the icon.

Network view icons were washed out. This bug has been fixed.

Added label to the left of the new page size control in the detail view.

Several toolbar icons were updated.

The Save Log As dialog now reloads the last directory a log was exported
to.

The page buttons sometimes included an extra day. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.16 - Thu, 12 Oct 2006 03:17:47 MDT
---------------------------------------------------------------------------
When downloading, the Download Dialog no longer appears. Instead, the
status is logged to a new view called Download Status. A cancel download
button was added to the toolbar. Users can now minimize the application
while it is downloading.

Added a page size control to the detail header.


---------------------------------------------------------------------------
Build 6.0.0.15 - Wed, 11 Oct 2006 02:45:02 MDT
---------------------------------------------------------------------------
Added a major update to the download log algorithm. Users can optionally
specify, via the options dialog, to use local memory or the remote CPU to
handle each log query.

The icons in the Navigation bar and the log view were washed out. This bug
has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.14 - Mon, 09 Oct 2006 08:01:42 MDT
---------------------------------------------------------------------------
When using SQL Server to store logs, entries written after 12:00 PM on the
current day were not showing up.  This bug has been fixed.

The Follow Up option was enabled when viewing the Notification Log
entries.  The notification log does not currently support this feature so
the menu item is now appropriately disabled.

Made minor control position adjustment to the Log Properties dialog.


---------------------------------------------------------------------------
Build 6.0.0.13 - Sun, 08 Oct 2006 08:53:24 MDT
---------------------------------------------------------------------------
The Change Service Login dialog did not support an account with a blank
password. This bug has been fixed.

When service credentials are assigned via the Change Service Login dialog,
'Log on as Service' rights are now assigned to the specified account.

The log view now limits the message level column width.

When using SQL Server to store all logs and the locale was set to English
(United Kingdom), the logs would not display. This bug has been fixed.

When selecting a log from the Downloaded Logs view, the properties menu
item did not enable. This prevented the user from seeing the Log Properties
dialog. This bug has been fixed.

The output window now contains icon representation of the message level
and the time the message was added to the window. The control now displays
tooltips on mouse over.


---------------------------------------------------------------------------
Build 6.0.0.12 - Thu, 05 Oct 2006 10:09:54 MDT
---------------------------------------------------------------------------
The notification log window has been removed and replaced with a tree node
in the Downloaded Logs view. Upon selection, the notification entries
display. When displayed, a filter column header is present.  The
notification log is now cleared by clicking the Delete toolbar button. To
remove a single entry from the notification log, select the item and press
Del or click the Delete toolbar button.

Added display information to list view header.

From the Network View, you can now select the Mapped Computers tree node,
right click, and click ‘Select Specific Computers’. The following dialog
enables users to search and check mapped computer tree nodes using regular
expressions.

The configuration wizard now contains a download now check box. The check
box is automatically selected when configuring logs for the first time.
Once configured, the check box is no longer automatically selected.

When left clicking in the flag column, the flag state is now automatically
iterated from none to follow up, to flag complete, to the clear flag.

The event type and flag columns are now fixed width.

The download toolbar button icon was updated.

The tray icon message and icons were updated.

The Change Service Logon menu item was changed to Change Service Login.

Upon mapping a computer, the Mapped Computers tree node is now
automatically expanded.

Added some debug messages when truncating SQL Server table. To view the
messages, run the service in verbose mode.

The export to CSV was writing out null when using the file system cache
and the record id when using the database cache. This bug has been fixed.

Date time format was always in MM/dd/yyyy format instead of using the
system locale format.  Entry date time information is now displayed in
system locale.

The follow up flag only worked when using the SQL Server log cache. While
fixing this bug, the follow up icons were updated.

When upgrading, the installation uninstalled the service and re-installed
it. When re-installed, the previous credentials were dropped.  The upgrade
installation no longer uninstalls the service but rather stops the service,
updates the file, and lastly re-starts the service maintaining the service
credentials.

On startup, if the user did not have administrator rights, the application
crashed. This bug has been fixed. The application now, notifies the user
and then exits.

Machines that had multiple IP addresses might have seen an error at
startup stating the license was assigned to another computer. This bug has
been fixed.


---------------------------------------------------------------------------
Build 6.0.0.9 - Wed, 20 Sep 2006 12:27:54 MDT
---------------------------------------------------------------------------
Fixed several critical bugs with the schedule controls in the
Configuration Wizard


---------------------------------------------------------------------------
Build 6.0.0.8 - Sun, 17 Sep 2006 09:58:56 MDT
---------------------------------------------------------------------------
Added a new help file and updated links throughout application.

When creating the Configuration Wizard in 6.0, the maximum log files size
parameter was dropped from the user interface. This bug has been fixed.

The mapped computer properties was displaying the logged in users domain
even if the credentials set did not use a domain. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.7 - Fri, 15 Sep 2006 09:24:46 MDT
---------------------------------------------------------------------------
The Actions tab of the Configuration Wizard was and may still be somewhat
confusing. The tab control is now disabled when a filter is not selected in
the list. The text below the applied filter list now contains a sentence to
instruct the user to apply a filter from the combo-box and then select the
filter from the list.

When upgrading from version 5.0 to 6.0 all configured computers that had
filters associated from them were lost. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.6 - Fri, 15 Sep 2006 01:50:45 MDT
---------------------------------------------------------------------------
You can now view and manage the remote log properties. To open the remote
log properties dialog, select the appropriate log from the Network view,
right click, and lastly, select Properties.

In previous builds, users were unable to open the Select Specific
Computers dialog when the Mapped Computer's node was selected. This
functionality has been added.

Version 6 builds did not append previously downloaded entries to the new
downloaded log. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.5 - Wed, 13 Sep 2006 10:40:02 MDT
---------------------------------------------------------------------------
The Find dialog, filters, and Select Specific Computers dialog now support
regular expressions. The find and filter functions support regular
expressions for both the host and the message.

The Change Service Logon dialog was pre-pending the domain to the username
instead of selected the domain in the combo box. This bug was introduced in
the previous build and was only evident when opening the dialog after the
service had already been assigned domain rights. This bug has been fixed.


---------------------------------------------------------------------------
Build 6.0.0.4 - Fri, 08 Sep 2006 12:31:51 MDT
---------------------------------------------------------------------------
Added a check box to domain nodes in the Network View and configuration
wizard enabling users to select all computers in a domain.

Updated help in SQL Server tab of Options dialog as well as fixed several
display issues with the Options dialog.

Added domain combo-box to service configuration wizard.

Added monthly frequency to check for updates and updated look of Check for
Updates dialog.

Associated icon with Tools | Options menu item.


---------------------------------------------------------------------------
Build 6.0.0.3 - Thu, 07 Sep 2006 12:33:05 MDT
---------------------------------------------------------------------------
Several enhancements and bug fixes were made to the Map Computer dialog.
The form icon was updated. The domain text box was updated with a combo-box
that displays the current domain and lists all other previously entered
domains. The first time the Show password button was clicked, the password
was not displayed. This bug has been fixed.

The Event Form (form that displays when log entry is double-clicked) was
enhanced. The up, down, and copy icons were updated. The data text box was
replaced with the same HEX control displayed on the main form.

The Change Service Logon dialog was enhanced. A graphical control was
added to the left. The titles were changed. The help on the first page was
updated. The username assigned to the service is now automatically
displayed.

The configuration wizard dialog was updated to include helpful
instructions about NEV on the first page. The PDA message list box now
always displays a vertical scroll bar.

The tip of the day dialog no longer automatically appears. The initial
focus was also changed from the tip text box to the Next button.


---------------------------------------------------------------------------
Build 6.0.0.2 - Tue, 05 Sep 2006 08:19:01 MDT
---------------------------------------------------------------------------
The notification form now supports sorting entries by column.

When removing all entries from the notification form, the message and data
controls did not clear. This bug has been fixed.

When attempting to configure a computer from the Downloaded Logs view, an
object reference error was thrown. This bug has been fixed.

The notification form now contains the filter name that fired the alert.

When there were a significant number of notification entries, the
notification form loaded very slowly. The load time has been dramatically
improved.

Build 6.0.0.1 did not delete log configurations when deselected. This bug
has been fixed.

Filter actions can now be configured to override the application syslog
host and facility defaults.


---------------------------------------------------------------------------
Build 6.0.0.1 - Mon, 04 Sep 2006 09:48:08 MDT
---------------------------------------------------------------------------
NEV 5.0 wrote all entries to a propriety binary file.  NEV 6.0 now
optionally supports writing all entries to SQL Server 2000 or 2005.  A
table is generated for each log downloaded enabling the system to scale to
thousands of systems.

Each log can now be separately scheduled and configured.

The schedule algorithm was enhanced to include hourly and monthly
frequencies.

The configuration wizard now enables users to export filtered results to
TXT, CSV, HTML and XML.  CSV export has been optimized for Microsoft Excel
import.

When configuring multiple computers from within the configuration wizard,
you can now, via a new combo-box, select a specific computer to view and
modify its configuration.

In 5.0, users could configure all entries to be written to one SQL Server
table.  This format did not scale.  You can now configure a separate SQL
Server table per filter action.  To write all entries, simply create a
filter that allows all entries to pass.  To write entries from multiple
filters to the same table, simply specify the same table name.  When
upgrading, to write all entries, simply create a filter that allows all
entries to pass, assign the filter as an action, and lastly, configure the
action to write to a table.

In 5.0, users could configure all entries to be syslogged.  You must now
configure a filter action to syslog entries.  When upgrading, to syslog all
entries, simply create a filter that allows all entries to pass, assign the
filter as an action, and lastly, configure the action to syslog.

In 5.0, the Export Current View and Export Logs menu items saved the
content as tab-delimited files.  This function has been moved to File menu
items now called "Save Current Page As" and "Save Logs As" respectively.
The function has been enhanced to support export to TXT, CSV, HTML or XML.
Tab-delimited exports are no longer supported.  CSV export has been
optimized for Microsoft Excel import.

You can now e-mail the selected logs or the current page.  The e-mail sent
includes both HTML and TEXT formats.  This functionality is accessed from
the File menu "Email Current Page" and "Email Selected Logs" items.

In 5.0, you could not view or update login credentials for mapped
computers.  You can now select a mapped computer and view and modify the
login credentials.

By default, message contents routinely did not contain the entire error
message but rather the message replacement strings along with a standard
system error.  This occurs when WMI is not selected as the API to download
the messages.  WMI has now been turned back on as the default for new
installations.  When upgrading, the current configuration settings take
precedence.

When copying a message, columns that were empty were always included.
Empty columns are no longer included.

You can now clear remote logs from the Downloaded Logs view.

You can now configure computers from the Downloaded Logs view.

Pressing View | Refresh or F5 recursively discovers the entire network
while the Network View has focus, refreshes the configuration list while
the Configured View has focus, or refreshes the log entry view while the
log entry view has focus.

When NEV is configured to backup previously downloaded files the date the
backup folder was created is displayed in the downloaded logs view.  The
icon that was displayed has been updated.

The installation engine was upgraded to InstallShield 12.

The installation now supports installing to a user selected directory.

The configuration wizard and configuration dialog have now been combined.


If you selected a filter before ever displaying any logs, an object
reference error was thrown.  This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.30 - Mon, 31 Jul 2006 11:12:49 MDT
---------------------------------------------------------------------------
Added ability to select or de-select multiple entry types and logs before
committing load.


---------------------------------------------------------------------------
Build 5.0.0.29 - Sat, 29 Jul 2006 08:54:44 MDT
---------------------------------------------------------------------------
From the downloaded logs view, you can now synchronize the log contents.
To synchronize the logs, check the logs to synchronize and click the
Download Remote Logs from the Tools menu item.

If the schedule tag is included in the email notification, the schedule
now displays in a more user friendly manner.

When using the Windows Service to schedule downloads and specifying an
hourly schedule, you can not exclude a time range.

The Service | View Log menu item was not working. This bug has been fixed.

The messages sent to the service log file contained an obfuscated value.
This bug has been fixed. Old log entries may display with incorrect icons
and text colors.

You can now configure NEV to limit log files to a number of days. Entries
older than the configured date can optionally be archived. Archive files
can also be limited to a number of days.


---------------------------------------------------------------------------
Build 5.0.0.28 - Thu, 13 Jul 2006 09:27:56 MDT
---------------------------------------------------------------------------
Added support to export entries to SQL Server 2000 and 2005.


---------------------------------------------------------------------------
Build 5.0.0.23 - Tue, 06 Jun 2006 01:00:49 MDT
---------------------------------------------------------------------------

---------------------------------------------------------------------------
Build 5.0.0.22 - Sat, 03 Jun 2006 10:56:04 MDT
---------------------------------------------------------------------------
You can now override the default SMTP port via the Options dialog. Use the
following format to override the port: servername:port. For example:
mail.diskmonitor.com:30000


---------------------------------------------------------------------------
Build 5.0.0.21 - Wed, 03 May 2006 10:02:42 MDT
---------------------------------------------------------------------------
Added ability to search and automatically select computers.

Obfuscated code


---------------------------------------------------------------------------
Build 5.0.0.20 - Sun, 30 Apr 2006 11:36:38 MDT
---------------------------------------------------------------------------
Updated the licensing scheme to include a digitally signed license file
that must be downloaded from our registration web service.

Redesigned about dialog and include new license information.

You can now map a computer and specify login credentials.

When viewing multiple logs at the same time, the page count was not being
set to the log with the oldest entries. This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.19 - Mon, 03 Apr 2006 09:24:24 MDT
---------------------------------------------------------------------------
When the viewer attempted to update on a schedule and there were no new
updates, a message box would appear stating that there are no new updates.
This message box now only appears when the user selects Help | Check for
Updates.

The configuration wizard did not have the default button set. It is now
set to the Next button.

When there were no computers configured, the configuration wizard would
show the top network node with a check. The check box has been removed.

The notification dialog was using some old icons. The icons have been
updated.

The list view in the notification dialog had column sort headers turned on
even though the dialog does not support sorting. The flag has been turned
off.

When the viewer loads, the last filter applied is restored.

After closing the filter dialog, the filter in the filter combo box before
the current filter was applied. This bug has been fixed.

You can now start and close the tray icon from the Service menu item.

When flipping backwards between selecting logs and selecting computers on
the configuration wizard dialog, the dialog could display empty if the view
format (auto discover or manual) changed.

Install now defaults WMI off.


---------------------------------------------------------------------------
Build 5.0.0.18 - Thu, 30 Mar 2006 01:51:22 MDT
---------------------------------------------------------------------------
Multiple filters and actions can now be applied to one configuration.

When downloading in the viewer and entries match filter criteria, all
action messages are displayed in blue in the output window.

When checking for updates, if there are no new updates, no message box
appeared with this information. A dialog stating no new updates are
available now displays.

When updating to latest version of software the status dialog showed in
the taskbar. The dialog no longer appears in the status bar.

Filter dialog had a cancel button which didn't actually cancel any user
actions. The button has been changed to Close.

Updated third party toolbar control to latest version.

When the service encountered an error while download a log, the error
message was dropped. This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.13 - Tue, 28 Mar 2006 01:50:50 MDT
---------------------------------------------------------------------------
Moved the syslog entries check box from the Download Schedule tab to the
Logs tab in the Configuration dialog.

The download form now saves and reloads the size and position as well as
the list view column widths.

By default all newly configured computers now limit the downloaded log
files to 5 MBs.


---------------------------------------------------------------------------
Build 5.0.0.12 - Mon, 27 Mar 2006 01:50:01 MDT
---------------------------------------------------------------------------
The service now logs all messages to the local syslogger. From the options
dialog you can redirect the messages to a remote host.

Either all entries or filtered entries can optionally be forwarded to the
configured syslogger.

When downloading, if the service was stopped during a download or the GUI
download was cancelled and NEV is configured to backup log files, the files
would be backed up. The behavior has changed so the backup only occurs if
the service or GUI completes the download successfully.

When downloading, if NEV was configured to move previously downloaded logs
to a backup directory and no new entries had been written, the logs were
still moved and the entries re-downloaded. The behavior has been changed to
only move the files if there are new entries to download.

When de-selecting a log from the toolbar, the page buttons could
incorrectly be enabled. Clicking on them would cause a non-fatal error to
display. This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.11 - Tue, 21 Mar 2006 01:49:30 MDT
---------------------------------------------------------------------------
The following error message 'Download error. Host: [HOST]  Log: [LOG]
Error: File not opened' was displayed when downloading logs for the first
time. This error prevented messages from being downloaded.


---------------------------------------------------------------------------
Build 5.0.0.10 - Mon, 20 Mar 2006 01:48:51 MDT
---------------------------------------------------------------------------
The date range in the detail view showed an extra day even though the
contents did not include entries from the oldest date. This bug has been
fixed.

When displaying pages in increments of 1 day. The detail header now only
shows a single date rather than a range.

If a computer was mapped with the IP address, in some cases the logs would
not display. This bug has been fixed.

When selecting a log via the Network view from a host that is configured,
all configured logs displayed rather than just the log that was selected.
This bug has been fixed.

When viewing large files, and de-selecting a type filter (Info, Warning,
Error, etc...) the application could crash with a stack overflow error.
This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.9 - Thu, 16 Mar 2006 01:48:07 MDT
---------------------------------------------------------------------------
Added icons to the service menu items.

Added an icon to the Clear Flag menu item. Also added a toolbar button for
the Clear Flag command.

When the service menu popped up, the service status was not checked. This
bug has been fixed.

The demo version now enforces a 4 computer configuration limit.

If a configuration did not have any logs associated with it, the service
and user interface would hang when downloading. This bug has been fixed.


---------------------------------------------------------------------------
Build 5.0.0.8 - Thu, 16 Mar 2006 01:47:35 MDT
---------------------------------------------------------------------------
When viewing entries in groups, and sorting by date, the entries are
grouped into Today, Last Week, and 7 Days prior to today.

The detail view now shows a message when ever its contents are empty.

Sometimes the detail view header would not show the text. This bug has
been fixed.

Fixed a hang in service that occurred when a scheduled download took
enough time that another scheduled download had to immediately start when
the current download finished.

Updated several messages that are displayed during and after a download is
complete.


---------------------------------------------------------------------------
Build 5.0.0.7 - Mon, 13 Mar 2006 01:46:20 MDT
---------------------------------------------------------------------------
Added hex control to the notification view that enables you to right click
and select HEX, ASCII, or Unicode views of the data.

Added <LOG> tag to email subject and bodies

The default email subjects now include the <LOG> tag

Added a reset defaults button to the configuration dialog.

You can now refresh the Downloaded Logs view by pressing F5 or View |
Refresh.

Removed the Previous Page and Next Page toolbar buttons from the Standard
toolbar since they are already highly visible above the detail view.

Added a Check For Updates option from the Help menu.

The setup now includes the ISScript.MSI package.

When changing the page size the current view was not updated. This has
been fixed.


---------------------------------------------------------------------------
Build 5.0.0.6 - Thu, 09 Mar 2006 01:45:17 MST
---------------------------------------------------------------------------
Major update to user interface.

User interface now uses a selection style navigation bar for the Network,
Configured Computers, and Downloaded Logs views.

When moving windows around, the user interface now includes indicators
that help the user understand their options.

Toolbars can now be docked in different locations.

User interface is now smarter when selecting or checking computers.

Both the service and the user interface now fire off a thread for each log
retrieval.


---------------------------------------------------------------------------
Build 4.0.0.47 - Sun, 19 Feb 2006 01:44:17 MST
---------------------------------------------------------------------------
Entries are now viewed in pages. By default a page contains the last 7
days of entires. Use the Options dialog to change the number of days in a
page. Use the toolbar buttons next to the Information toolbar button to
move through the pages.

Events can now be viewed in groups. Select Arrange Entries in Groups from
the View menu item.

Column sorting is now persisted between application sessions.

On an upgrade the installation was overwriting the file that contains the
position of the internal windows. This bug has been fixed.

When using the Micrsoft EventLog API some messages rely on dlls on the
local machine to display the correctly. If the dlls are not present or can
not be found, the message is not diplayed properly. The Microsoft WMI API
solves this problem. By default this API is now used. This setting can be
changed via the Options dialog.

Updated some of the toolbars to use the new .Net 2.0 ToolStrips.


---------------------------------------------------------------------------
Build 4.0.0.46 - Mon, 19 Dec 2005 01:42:04 MST
---------------------------------------------------------------------------
When a host was configured to clear logs after downloaded, the local file
contents were not correctly updated. This bug has been fixed.

Upgraded the compiler to Visual Studio 2005 and .Net 2.0


---------------------------------------------------------------------------
Build 4.0.0.45 - Thu, 01 Dec 2005 01:40:21 MST
---------------------------------------------------------------------------
A tray icon was added to show the current status of the service and
notifications.

Previously you were only notified specific events occurred via email. You
can now review these events in the viewer. If a configuration has a filter
assigned to it, all events that pass the filter are saved in a separate
binary file. To view the events, select Notifications from the View menu.

When searching for events for a specific host or log, an error was thrown.
This bug has been fixed.

There was a problem sending emails in December. This bug has been fixed.


---------------------------------------------------------------------------
Build 4.0.0.44 - Mon, 21 Nov 2005 01:38:43 MST
---------------------------------------------------------------------------
A sorting triangle has been added to the detail view.

You can now set the maximum size of log files. When the target log file
exceeds the configured size, no more entries are downloaded. Use the
computer configuration dialog. Updated help file to include instructions.

You can now flag events for follow up and completed. You can also clear
the flags. An icon to show the state of the flag is included in the detail
view. Updated help file to include instructions.

When you double-click an entry, a dialog pops up displaying the selected
entry's content in dialog format. You can navigate through the entries from
the dialog and copy the entry to the clipboard.

You can now copy a string representation of an entry to the clipboard.
Select the entry in the detail view and press Ctrl-C or Copy from the Edit
menu. Updated help file to include instructions.

You can now select a log in the Downloaded Logs view and the log is
automatically displayed.

The initial startup wizard has been updated to include instructions for
manual downloading.

This readme file is now included in every build and displayed every every
installation or update.


---------------------------------------------------------------------------
Build 4.0.0.43 - Tue, 15 Nov 2005 01:36:39 MST
---------------------------------------------------------------------------
Filters can be selected and cleared from the toolbar.

When you display non-standard logs, a toolbar button is added enabling you
to filter each non-standard log independently.

You can now specify the from name and address that is included in email
alerts. Use the options dialog. Updated the help file to include
instructions.

When you select a computer in the Network view, the available logs are
automatically displayed,

When you select a log in the Network view, the log is automatically
downloaded. If the log has previously been downloaded, only the new entries
are downloaded.

When you open a single computer configuration, the available logs are
automatically displayed.

When you check a single computer in the configuration wizard, the
available logs are automatically displayed after you click the Next button.