Page 3 of 3
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 07, 2013 12:43 pm
by imran_khan
Hello,
I want to configure alert once particular event id generate in windows server.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 07, 2013 1:15 pm
by abrist
You are checking with "filter=new". Is the event still considered "new"?
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 14, 2013 12:34 pm
by mickem
The syntax used in this thread is horribly old and does simply not work.
please upgrade to newer version and use the filter syntax present in 0.4.1 it will work much more easily and much more consistently.
// Michael Medin
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 14, 2013 4:09 pm
by lmiltchev
@ imran_khan
Let us know if mickem's suggestion fixed your issue.
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 14, 2013 4:23 pm
by slansing
@Michael Medin
Can you provide imran_khan with the correct syntax when he upgrades to 0.4.1?
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 21, 2013 2:57 pm
by mickem
Code: Select all
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\<30 filter+eventID=="4111" filter+eventType==all filter=all
With 0.4.1. would be:
Code: Select all
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a file=all MaxWarn=1 MaxCrit=2 "filter=generated\>-30 AND id=4111"
Just for completion 0.4.2:
Code: Select all
./check_nrpe -H IP_Address -p 5666 -c check_eventlog -a file=all "crit=count>0" "filter=generated\>-30 AND id=4111"
Not sure about "file=all" though but that goes for all versions really. Worth noticing is that if the log is not found Application is used so my guess is that that is what happens here and log=Application should be used.
In 0.4.2 the newer APIs no longer fall back to Application so log would need to be correct in that version.
// Michael Medin
Re: Monitoring event id in Nagios ystem.
Posted: Thu Nov 21, 2013 4:38 pm
by lmiltchev
Thanks, mickem!