Monitoring event ID on Nagios core 4.3.4
Posted: Wed Feb 19, 2020 5:21 pm
Hi Guys, please help me in monitoring event ID on Nagios core.
Below command gives proper output,
[/b]
but when implemented the same on Nagios, I will get Critical alert with some Junk messages.
Thanks
Below command gives proper output,
Code: Select all
libexec]$ ./check_nrpe -H Hostname -c checkeventlog -a filter="id=4231" scan-range=-5m
OK: No entries found|'count'=0;1;2but when implemented the same on Nagios, I will get Critical alert with some Junk messages.
Below are the service and command definitionCRITICAL: 21 message(s) Application Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Code: Select all
define service{
use app-service
host_name Hostname
service_description APP - EventID-4231 Port Exhaust
check_command check_nrpe!check_eventlog!'filter=id=4231' scan-range=-5m
max_check_attempts 1
}
define command{
command_name check_eventlog
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$
}
Further, please find the changes made in nsclient.ini file and suggest the correct configurations for the desired output.
Code: Select all
[/modules]
CheckEventLog=enabled
; CheckEventLog - Check for errors and warnings in the event log.
CheckEventLog = 1
[/settings/eventlog]
buffer size = 131072
debug = 0
lookup names = 1
[/settings/eventlog/real-time]
enabled = true
log=application,system
startup age=30m
filter=id = 4231 and category = 0