Nagios 3.2.3 and Nagios 4.1
Anyone have a good plugin to monitor Windows Event Logs?
My Windows environment is Windows 2003 Windows 2008 Windows and Windows 2012.
Thanks
Tom
Nagios Event Log
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Nagios Event Log
One way that you could monitor Windows Event logs is through the Nag Event Log Monitor:
http://exchange.nagios.org/directory/Ad ... og/details
However, it is not one of our company created agent's, and the documentation we have for it is for Nagios XI and not Core, though there may be documentation out there floating around for integration with Core.
You can use NSClient++ for event log monitoring as well.
http://exchange.nagios.org/directory/Ad ... og/details
However, it is not one of our company created agent's, and the documentation we have for it is for Nagios XI and not Core, though there may be documentation out there floating around for integration with Core.
You can use NSClient++ for event log monitoring as well.
Re: Nagios Event Log
I use nsclient on all my windows servers
How to set that up using nsclient
Thanks
How to set that up using nsclient
Thanks
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Nagios Event Log
With the caveat that we did not write NSClient, I think https://docs.nsclient.org/reference/win ... kEventLog/ will set you on the right path.
What version of NSClient are you using? That will help us be more precise in our instructions.
What version of NSClient are you using? That will help us be more precise in our instructions.
Re: Nagios Event Log
nsclient version is 4.1.73
where is check_eventlog located?
Hope you have the instructions
where is check_eventlog located?
Hope you have the instructions
Re: Nagios Event Log
I found this in my nsclient ini file
But again when is checkeventlog ??????
Thanks TOM
Code: Select all
; alias_event_log - Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log
alias_event_log = CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"But again when is checkeventlog ??????
Thanks TOM
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Nagios Event Log
So, it depends on what exactly you want to check, but let's say you wanted to monitor all warning and critical events on a server for the last 60 minutes. Your check would look like:
Your command will end up looking something like
Is the NSClient.ini file on all of these machines the same? It might be useful if you upload samples from 2003, 2008, and 2012 if they are different. Thanks!
Code: Select all
./check_nrpe -H HOSTNAME -p 5666 -c CheckEventLog -a file=system MaxWarn=1 MaxCrit=1 "filter=generated > -1h AND severity = 'error' OR severity = 'informational'"
Code: Select all
define command{
command_name check_eventlog
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -p 5666 -t 30 -c CheckEventLog -a filter file=application MaxWarn=1 MaxCrit=1 "filter=generated lt -1h AND severity NOT IN ('success', 'informational')" unique descriptions "syntax=%source% {EventID %id%}[%severity%](Count=%count%)^MDate:%generated%^M%message%^M"
}
Re: Nagios Event Log
Thanks a million
After a little tweaking it is now working
now to add to all windows servers
this can be locked as resolved.
After a little tweaking it is now working
now to add to all windows servers
this can be locked as resolved.