Central concepts
The basic idea is to place a piece of software, an agent, on the computer to be monitored. The agent watches several sources on that computer, including the Windows Event Log, for specific events or alerts generated by the applications executing on the monitored computer. Upon alert occurrence and detection, the agent forwards the alert to the SCE server. This SCE server application maintains a database that includes a history of alerts. The SCE server applies filtering rules to alerts as they arrive; a rule can trigger some notification to a human, such as an e-mail or a pager message, or trigger some other workflow intended to correct the cause of the alert in an appropriate manner. SCE uses the term management pack to refer to a set of filtering rules specific to some monitored application. While Microsoft and other software vendors make management packages available for their products, SCE also provides for authoring custom management packs. While an administrator role is needed to install agents, configure monitored computers and create management packs, rights to simply view the list of recent alerts can be given to any valid user account. == Versions ==