Hello.
Is there any way to get the Event Log Message into Nagios??
For Example I need to monitor for Events "Useraccount locked" and don't wan't to only get
notified that this event occured - but need to have the event message text (containing the account
name which was locked) in the nagios GUI and logged into my NDO DB.
Can somebody help??
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
one of the issues with event log checks is that there could be a lot of data in the message field of each event, including newlines
multiple line output is not always handled well particulary when we do not know how much data needs to be fetch and how much is not needed.
THe event log check DOES not retrieve this,
However a WMI query can retrieve this info for you.
or a Custom script can retrive this info
One option is to use the event log check to test for your criteria,
Then in an event handler of nagios run a second Check to fetch and parse the details for the second check for the final results to report to Nagios.
Tony
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
WMI sucks ... I need to monitor some domain Controllers with large logs and If I query the event log with WMI it needs MINUTES to finish :-(
I was really surpriesed how fast your EVENTLOG_NEW mehtod is !!! It needs only 3-4 Seconds for the "same" task! GOOOD job!
But - when are you supporting this in the Client?? My C is not as goot as I could do it myself.
Maybe I get a Idea of your EVENTLOG_NEW method and can code me a external script which gives me that information after some eventhandling.
I think you're using some API calls instead of WMI which does the speedy stuff!?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
For Consulting Fees or Donation I could add a new command using the Event Log new algorith to fetch any results or output you need.
However I would need to know more specs on the result expectations and input expectations.
TOny
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello.
Is there any way to get the Event Log Message into Nagios??
For Example I need to monitor for Events "Useraccount locked" and don't wan't to only get
notified that this event occured - but need to have the event message text (containing the account
name which was locked) in the nagios GUI and logged into my NDO DB.
Can somebody help??
Yes and no,
one of the issues with event log checks is that there could be a lot of data in the message field of each event, including newlines
multiple line output is not always handled well particulary when we do not know how much data needs to be fetch and how much is not needed.
THe event log check DOES not retrieve this,
However a WMI query can retrieve this info for you.
or a Custom script can retrive this info
One option is to use the event log check to test for your criteria,
Then in an event handler of nagios run a second Check to fetch and parse the details for the second check for the final results to report to Nagios.
Tony
WMI sucks ... I need to monitor some domain Controllers with large logs and If I query the event log with WMI it needs MINUTES to finish :-(
I was really surpriesed how fast your EVENTLOG_NEW mehtod is !!! It needs only 3-4 Seconds for the "same" task! GOOOD job!
But - when are you supporting this in the Client?? My C is not as goot as I could do it myself.
Maybe I get a Idea of your EVENTLOG_NEW method and can code me a external script which gives me that information after some eventhandling.
I think you're using some API calls instead of WMI which does the speedy stuff!?
It is good to hear that EventLOg_New is being used,
What do you mean its not in the client: The latest Check_nt for NC_Net should have it:
http://downloads.sourceforge.net/nc-net/check_nc_netV4.4.0.zip
For Consulting Fees or Donation I could add a new command using the Event Log new algorith to fetch any results or output you need.
However I would need to know more specs on the result expectations and input expectations.
TOny