Re: NSClient++ and CheckEventLog
Posted: Tue Sep 09, 2014 9:57 am
by lmiltchev
This doesn't seem like a typical NSClient++ install... There is no nsclient.ini (or NSC.ini), nsclient.log, etc. What is the NSClient++ version? Can you run the following command on your Nagios server against the Windows box and show us the output?
./check_nt -H <client ip> -p 12489 -s <password> -v CLIENTVERSION
Where is the config file?
Re: NSClient++ and CheckEventLog
Posted: Tue Sep 09, 2014 9:18 pm
by bryceee
This is the old version of the client we are currently running, which is nsclient from 2008, I think.
Re: NSClient++ and CheckEventLog
Posted: Wed Sep 10, 2014 4:43 pm
by slansing
I don't see anything in there that deals with event log checking, unfortunately. Besides that, those nrpe checks are against .exe files, which I have no way of determining the output of myself; the output has surely changed since 2008, though.
Re: NSClient++ and CheckEventLog
Posted: Wed Sep 10, 2014 9:26 pm
by bryceee
Yeah, that's what I was afraid of.
Are there any other clients for monitoring Windows servers?
Re: NSClient++ and CheckEventLog
Posted: Thu Sep 11, 2014 12:59 am
by bryceee
Okay, I have it displaying what I want.
I have used the following command:
# Check EventLog
define command{
    command_name check_eventlog
    command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -p 5666 -t 30 -c CheckEventLog -a filter file=application MaxWarn=1 MaxCrit=1 "filter=generated lt -1h AND severity NOT IN ('success', 'informational')" unique descriptions "syntax=%source% {EventID %id%}[%severity%](Count=%count%)^MDate:%generated%^M%message%^M"
}
The only issue I am having is it's not emailing me when there are warnings/criticals. It displays them in the console but I don't get an email.
I get emails if the host services or the host is down.
This is what I have the server set up with on Nagios:
#Define a service to "Check EventLog System"
define service{
    use generic-service
    host_name MELSPLUNK01
    service_description Event Log
    check_command check_eventlog
}
In my templates, the generic-service is configured as follows:
# Generic service definition template - This is NOT a real service, just a template!
define service{
    name generic-service ; The 'name' of this service template
    active_checks_enabled 1 ; Active service checks are enabled
    passive_checks_enabled 1 ; Passive service checks are enabled/accepted
    parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
    obsess_over_service 1 ; We should obsess over this service (if necessary)
    check_freshness 0 ; Default is to NOT check service 'freshness'
    notifications_enabled 1 ; Service notifications are enabled
    event_handler_enabled 1 ; Service event handler is enabled
    flap_detection_enabled 1 ; Flap detection is enabled
    process_perf_data 1 ; Process performance data
    retain_status_information 1 ; Retain status information across program restarts
    retain_nonstatus_information 1 ; Retain non-status information across program restarts
    is_volatile 0 ; The service is not volatile
    check_period 24x7 ; The service can be checked at any time of the day
    max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state
    normal_check_interval 60 ; Check the service every 10 minutes under normal conditions
    retry_check_interval 30 ; Re-check the service every two minutes until a hard state can be determined
    contact_groups admins ; Notifications get sent out to everyone in the 'admins' group
    notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events
    notification_interval 60 ; Re-notify about service problems every hour
    notification_period 24x7 ; Notifications can be sent out at any time
    register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}
I appreciate the help.
Bryce
Re: NSClient++ and CheckEventLog
Posted: Thu Sep 11, 2014 5:14 pm
by Box293
bryceee wrote: The only issue I am having is it's not emailing me when there are warnings/criticals. It displays them in the console but I don't get an email.
I get emails if the host services or the host is down.
Are the members of the contact group "admins" allowed to receive warning and critical alerts?
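The check asked about in the last reply can be done mechanically. The following is an added example, not code from the thread or from Nagios: a small Python parser for Nagios object definitions that reports, for each contact in a contact group, which of the warning/critical service states are missing from its service_notification_options. The sample config, the contact names and the function names are assumptions; inheritance through "use" templates is not resolved, so run it against definitions that state the options directly.

```python
import re

# Constructed sample, not from the thread; only the group name "admins" is on the page.
SAMPLE = """
define contactgroup{
    contactgroup_name  admins
    members            bob
}
define contact{
    contact_name                  bob
    service_notification_options  u,r   ; no w or c
}
define contact{
    contact_name                  carol
    contactgroups                 admins
    service_notification_options  w,u,c,r
}
"""

def parse_objects(text):
    """Parse Nagios object definitions into (type, {directive: value}) pairs."""
    objects, attrs = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()       # ';' starts an inline comment
        start = re.match(r"define\s+(\w+)\s*\{", line)
        if start:
            attrs = {}
            objects.append((start.group(1), attrs))
        elif line == "}":                         # only a lone '}' closes an object
            attrs = None
        elif attrs is not None and line and not line.startswith("#"):
            key, *rest = line.split(None, 1)
            attrs[key] = rest[0] if rest else ""
    return objects

def _csv(value):  # comma-separated directive value -> set of items
    return {v.strip() for v in (value or "").split(",") if v.strip()}

def missing_states(text, group, wanted=("w", "c")):
    """For each contact in `group`, list the wanted service states it is not notified about."""
    objs, members, report = parse_objects(text), set(), {}
    for kind, a in objs:
        if kind == "contactgroup" and a.get("contactgroup_name") == group:
            members |= _csv(a.get("members"))
    for kind, a in objs:
        name = a.get("contact_name")
        if kind == "contact" and name and (name in members or group in _csv(a.get("contactgroups"))):
            opts = _csv(a.get("service_notification_options"))
            report[name] = [s for s in wanted if s not in opts]
    return report
```

A contact with a non-empty list in the result is in the group but will not be emailed for those states, even though the service itself has notification_options w,u,c,r.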