
Windows event log monitoring

Posted: Mon Jul 17, 2017 6:22 am
by bosco
Hi, can you please share with me how to monitor the Windows event log using Nagios?

I need to filter using

event type = application

Source="XLFileMover"

Re: Windows event log monitoring

Posted: Mon Jul 17, 2017 10:00 am
by mcapra
Check out this article by community member @WillemDH:
https://outsideit.net/real-time-eventlog-monitoring/

This uses a "push" method with NSCA or NRDP and lets NSClient++ be responsible for the active checking of Windows event logs.

You can also leverage a "pull" method with check_wmi_plus which uses WMI:
http://www.edcint.co.nz/checkwmiplus/?q ... mmandlines

You might also consider Nagios Log Server since it is a much more appropriate application for large-scale event log monitoring (it's free up to 500MB/day):
https://www.nagios.com/products/nagios-log-server/
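
A Nagios-plugin-style check for the filter asked about in this thread, as an added example that is not part of the original posts or of any linked project. It uses PowerShell's `Get-WinEvent` and assumes "event type = application" means the Application log; the look-back window, severity levels and thresholds are assumptions to adjust.

```powershell
# Added example: count recent events from one source in one Windows event log
# and report the result as a Nagios plugin status line plus exit code.
param(
    [string]$LogName = 'Application',   # log named in the question (assumed meaning)
    [string]$Source  = 'XLFileMover',   # event source named in the question
    [int]$Minutes    = 15,              # look-back window (assumed)
    [int]$Warning    = 1,               # WARNING at this many events (assumed)
    [int]$Critical   = 5                # CRITICAL at this many events (assumed)
)

$filter = @{
    LogName      = $LogName
    ProviderName = $Source
    Level        = 1, 2, 3              # Critical, Error, Warning (assumed scope)
    StartTime    = (Get-Date).AddMinutes(-$Minutes)
}

try {
    # @() forces an array so .Count is reliable for a single event
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop)
}
catch {
    # Get-WinEvent raises an error when nothing matches: that is a healthy result
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
        $events = @()
    }
    else {
        # Unknown log or source, access denied, service down: do not report OK
        Write-Output "UNKNOWN - cannot query $LogName/${Source}: $($_.Exception.Message)"
        exit 3
    }
}

$count = $events.Count
$perf  = "events=$count;$Warning;$Critical;0"
$last  = ''
if ($count -gt 0) {
    # Get-WinEvent returns newest events first
    $last = " (latest: Id $($events[0].Id) at $($events[0].TimeCreated.ToString('s')))"
}
$text = "$count event(s) from $Source in $LogName in last $Minutes min$last | $perf"

if ($count -ge $Critical)    { Write-Output "CRITICAL - $text"; exit 2 }
elseif ($count -ge $Warning) { Write-Output "WARNING - $text";  exit 1 }
else                         { Write-Output "OK - $text";       exit 0 }
```

A query failure returns UNKNOWN (exit 3) rather than OK, so a misspelled source name or a permissions problem does not look like a quiet log.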

Re: Windows event log monitoring

Posted: Mon Jul 17, 2017 3:04 pm
by tmcdonald
Thanks for the assist, @mcapra!