Due to limitations of the network topology that we have to monitor, I have to use the Nagios_WSC plugin. On the whole it works fine; however, I also need to monitor Backup Exec events (57755 and 34112) for completed jobs. When I set up the NTEvent command, or indeed the NTEvents command, they search the entire event log, the application log in my case. All I want them to do is to search the last 24 hours, for example. As it is not doing this, I am receiving false positives.
Please can someone tell me if this is possible, if so how?
I have thought of that already but was trying to avoid it, as I will have to do this on many sites, and if it fails on one site then I would still receive a false positive.
Thanks for your feedback, I will keep digging and if I get an answer to my own question I will post the answer, but if anyone else can help please do so it will be appreciated.
For those of you interested in this post I have got a bit further regarding manually clearing down the event logs via a script but am yet to try it. There is a command ‘wevtutil’ that can be used as a script and therefore automate the clearing down of the logs. The command options that I am currently looking at are:
wevtutil cl /bu:
The cl will clear the logs and the /bu: is the backup location. I hope this helps out some of you as well. If I learn anything else to improve on this I will be sure to post it for you.
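An added example, not part of the original posts: a Nagios-style check that reads only the last 24 hours of the Application log for the two event IDs named above, so the log does not have to be cleared. It assumes the monitoring agent can run a PowerShell script and read its exit code; the parameter names and the rule that "no matching event means CRITICAL" are assumptions made for the example.

```powershell
# Added example (not from the thread): time-bounded event log check.
# Roughly equivalent wevtutil query (86400000 ms = 24 hours):
#   wevtutil qe Application /rd:true /f:text /q:"*[System[(EventID=57755 or EventID=34112) and TimeCreated[timediff(@SystemTime) <= 86400000]]]"
param(
    [string]$LogName  = 'Application',     # log named in the post
    [int[]] $EventIds = @(57755, 34112),   # event IDs named in the post
    [int]   $Hours    = 24                 # look-back window (assumed default)
)

$since = (Get-Date).AddHours(-$Hours)

try {
    # The filter is applied by the event log service, so only records
    # with a matching ID inside the window come back.
    $events = @(Get-WinEvent -FilterHashtable @{
        LogName   = $LogName
        Id        = $EventIds
        StartTime = $since
    } -ErrorAction Stop)
}
catch {
    # Get-WinEvent reports "no matching events" as an error, not an empty result
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
        $events = @()
    }
    else {
        Write-Output "UNKNOWN - cannot query ${LogName}: $($_.Exception.Message)"
        exit 3
    }
}

if ($events.Count -eq 0) {
    # Assumed policy: no matching event in the window is an alert
    Write-Output "CRITICAL - no events $($EventIds -join ',') in the last $Hours hours"
    exit 2
}

$latest = $events | Sort-Object TimeCreated -Descending | Select-Object -First 1
Write-Output ("OK - {0} event(s) in the last {1} hours, latest ID {2} at {3:s}" -f `
    $events.Count, $Hours, $latest.Id, $latest.TimeCreated)
exit 0
```

The exit codes follow the usual Nagios plugin convention (0 OK, 2 CRITICAL, 3 UNKNOWN), and older records stay in the log for later review.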