check_nrpe CheckEventLog


#1

Hi!
I run:
./check_nrpe -H 10.3.55.13 -p 5666 -c CheckEventLog -a file=Security MaxWarn=1 MaxCrit=1 filter+eventID==675 filter+severity==“Failure Audit” filter+eventSource=Security filter=in filter=all truncate=15 from the libexec folder. It returns: "Security, S…|‘eventlog’=91;0;2"
However, when I put this in the cfg file:
define service{
use generic-service
host_name server01
check_command check_nrpe! -p 5666 -c CheckEventLog! -a file=security MaxWarn=1 MaxCrit=1 filter+eventID==675 filter+severity==“Failure Audit” filter+eventSource==security filter=in filter=all truncate=15
}
It returns this error: "No file specified try adding: file=Application"
I am trying to monitor the Windows 2003 Security log of the Domain Controller that matches: eventID=675, Severity=Failure Audit and eventSource=Security.
Can someone please help me with this?
Thanks,
Jay :?:


#2

I have no idea with the Windows 2003 Security log of the Domain Controller, but I guess you better go to microsoft and login there. Try to let them troubleshoot your system. maybe there support it then…


Security Systems