nsclient++ eventlog real-time command question
Posted: Wed Aug 28, 2024 9:02 pm
hi!
I'm using Nagios for system monitoring. The Ubuntu series is working perfectly in all respects, and with the addition of Windows Server, I am trying to monitor it using NSClient++, but the problem is that I don't know how to activate the event log in real time. So I'm looking for advice, so I hope it helps. The NSClient++ settings are as follows.
[/modules]
NSClientServer = enabled
CheckLogFile = enabled
CheckEventLog = enabled
CheckNSCP = enabled
CheckSystem = disabled
CheckDisk = disabled
NSCAClient = enabled
NRPEServer = enabled
CheckExternalScripts = disabled
CheckHelpers = disabled
SimpleCache = enabled
SimpleFileWriter = enabled
[/settings/NSCA/client/targets/default]
address=192.168.100.100
password=password
encryption=0
[/settings/NSCA/client]
channel=NSCA
hostname=VM999
[/settings/eventlog/real-time]
debug = false
enabled = true
log = application, system
destination = NSCA
[/settings/eventlog/real-time/filters/evt_log]
log = system
target = NSCA
filter = level IN (error) AND (id NOT IN (1)) AND (id NOT IN (36874) OR source NOT IN ('Schannel')) AND (id NOT IN (36887) OR source NOT IN ('Schannel' )) AND (id NOT IN (36888) OR source NOT IN ('Schannel')) AND (id NOT IN (7030) OR source NOT IN ('Service Control Manager')) AND (id NOT IN (12292) OR source NOT IN ('VSS')) AND (id NOT IN (36870) OR source NOT IN ('Schannel'))
severity = warning, error
I would like you to tell me how to specify a command on the Nagios server to view the event log in real time.
ex) ./check_nrpe -H 192.168.100.100 -c check_eventlog -a log=system
Is it possible to monitor the event log in real time by executing a command like (ex)?
I'm using Nagios for system monitoring. The Ubuntu series is working perfectly in all respects, and with the addition of Windows Server, I am trying to monitor it using NSClient++, but the problem is that I don't know how to activate the event log in real time. So I'm looking for advice, so I hope it helps. The NSClient++ settings are as follows.
[/modules]
NSClientServer = enabled
CheckLogFile = enabled
CheckEventLog = enabled
CheckNSCP = enabled
CheckSystem = disabled
CheckDisk = disabled
NSCAClient = enabled
NRPEServer = enabled
CheckExternalScripts = disabled
CheckHelpers = disabled
SimpleCache = enabled
SimpleFileWriter = enabled
[/settings/NSCA/client/targets/default]
address=192.168.100.100
password=password
encryption=0
[/settings/NSCA/client]
channel=NSCA
hostname=VM999
[/settings/eventlog/real-time]
debug = false
enabled = true
log = application, system
destination = NSCA
[/settings/eventlog/real-time/filters/evt_log]
log = system
target = NSCA
filter = level IN (error) AND (id NOT IN (1)) AND (id NOT IN (36874) OR source NOT IN ('Schannel')) AND (id NOT IN (36887) OR source NOT IN ('Schannel' )) AND (id NOT IN (36888) OR source NOT IN ('Schannel')) AND (id NOT IN (7030) OR source NOT IN ('Service Control Manager')) AND (id NOT IN (12292) OR source NOT IN ('VSS')) AND (id NOT IN (36870) OR source NOT IN ('Schannel'))
severity = warning, error
I would like you to tell me how to specify a command on the Nagios server to view the event log in real time.
ex) ./check_nrpe -H 192.168.100.100 -c check_eventlog -a log=system
Is it possible to monitor the event log in real time by executing a command like (ex)?