Windows events by source

[vpg]

Hi everyone.

I would like to know if someone can help me. I need monitor Windows events by source that produce them. For example, if the source is Metaframe, i must know if, in a time period X, there were 1 or more errors or warnings for this source.

Sorry for my English.

Thanks in advance

[slansing]

How are you currently monitoring your event logs?

[vpg]

Hi.

i´m using nagios´ plugin "check_wmi_plus". With this plugin i only can get the number of errors or warnings in the Windows log.

Best regards

[slansing]

Though we do not often recommend it due to installation issues in the past you could try using:

http://assets.nagios.com/downloads/nagi ... entLog.pdf

[vpg]

Thanks for your recommendation but I can´t install the agent in the Windows Machine. I have to use WMI...

[sreinhardt]

If that is the case, I do not know of a plugin that will do what you need. You certainly can modify the check_wmi_plus script to your liking though! I think if you added a second filter for application name or something along those lines and counted the time period from there it should meet your needs.

[mickem]

Just for completion NSClient++ can do this very easily but requires an agent to be installed as well (which was not possible in your case).

Code: Select all

check_eventlog log=Application "filter=source='my program'" "crit=count > 0"

// Michael Medin

[sreinhardt]

thanks for the additional info. Locking as this is a week plus old with no replies from the original poster.