Windows Event Log

Posted: Thu Oct 06, 2016 1:32 am
by marnix
Hi!

I got a very simple Nagios check for the Windows Event Log running. I want to change some things, but I don't know how to do it. And I don't find any actual wiki or something like that, that helps me.

Actual Check:

#Windows System Log
define command{
        command_name    check_eventsys
        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -t 60 -p 5666 -c $ARG1$ -a $ARG2$
}

define service{
use			generic-service
host_name               WWS-001
service_description	Windows Event Log #104
check_command		check_nrpe_wu!check_eventsys_errors -c checkeventlog -a warn=1 crit=2 filter="id=104"
}

Well, first thing I need help with - how do I change the log to monitor? The IDs in "system" work well, but the IDs in application don't work?
Second problem - I only want to get Warnings / Criticals when the event is not older than 24 hours. How can I fix that?

Re: Windows Event Log

Posted: Thu Oct 06, 2016 12:17 pm
by dwhitfield
On the first question, are you looking for an example of monitoring the application log?

On the second question, are you saying you don't want to see old alerts?

Re: Windows Event Log

Posted: Fri Oct 07, 2016 1:33 am
by marnix
Both questions -> yes

Re: Windows Event Log

Posted: Fri Oct 07, 2016 10:06 am
by dwhitfield
1. Let me know if https://docs.nsclient.org/reference/win ... ntLog.html helps.
2. If you acknowledge the event, you should stop getting notifications (or at the very least can set it up to not alert after acknowledgement). Please let us know if you need help with that.