Windows Event and System Log viewer plugin


#1

I need a plugin that will notify when the Windows event or system logs get an error or warning; I would like it to return the details of the incident, not just the event name and id. I played with the event_log check on the nrpe_nt plugins package, but it isn’t quite enough. Any ideas?


#2

Me too, I need this plugin. Any help appreciated.


#3

Hi,
you could use http://www.consol.com/opensource/nagios/check-logfiles for that. It was originally written to monitor ordinary files on Unix systems, but nowadays there is also a check_logfiles.exe which is able to query the Windows eventlog. Where you normally write
type => 'simple',
logfile => '/my/path/to/the/logfile',
criticalpatterns => ['.*ERROR.*', 'another error pattern'],

you write
type => 'eventlog',
eventlog => {
  eventlog => 'application', # or system, or security
},
criticalpatterns => …
instead. There’s also an article on the plugin I wrote a year ago. linux-magazine.com/w3/issue/ … s_lead.pdf
What’s special about the plugin is that it reads until it reaches the end of the logfile/eventlog and saves that position. When you execute it the next time, it starts from that saved position, so you only get notified when new events have been logged.

Greetings from Munich,
Gerhard
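
The saved-position behaviour described in #3, sketched as an added Python example; it is not code from check_logfiles or from anyone in this thread. The names check_log and demo, the JSON state file and the sample log lines are assumptions made for the illustration; it reads plain files only (not the Windows eventlog) and detects truncation with a simple size comparison.

```python
import json, os, re, tempfile

OK, CRITICAL = 0, 2  # Nagios plugin return codes

def check_log(logfile, statefile, criticalpatterns):
    """Scan only what was appended since the last run; return (status, matched lines)."""
    patterns = [re.compile(p) for p in criticalpatterns]
    offset = 0
    if os.path.exists(statefile):
        with open(statefile) as fh:
            offset = json.load(fh)["offset"]
    # File shorter than the saved position: it was truncated or rotated, rescan it.
    if offset > os.path.getsize(logfile):
        offset = 0
    with open(logfile, "rb") as fh:
        fh.seek(offset)
        data = fh.read()
    # Consume complete lines only; a half-written last line waits for the next run.
    end = data.rfind(b"\n") + 1
    hits = []
    for raw in data[:end].splitlines():
        line = raw.decode("utf-8", "replace")
        if any(p.search(line) for p in patterns):
            hits.append(line)  # keep the full text so the alert carries the details
    # Write the new position atomically so an interrupted run cannot corrupt it.
    tmp = statefile + ".tmp"
    with open(tmp, "w") as fh:
        json.dump({"offset": offset + end}, fh)
    os.replace(tmp, statefile)
    return (CRITICAL if hits else OK), hits

def demo():
    """Four runs over a constructed log: first scan, no news, append, truncation."""
    d = tempfile.mkdtemp()
    log, state = os.path.join(d, "app.log"), os.path.join(d, "app.seek")
    pats = [".*ERROR.*", "another error pattern"]
    with open(log, "w") as fh:  # constructed sample lines
        fh.write("10:00 INFO service started\n10:01 ERROR disk sda1 failing\n")
    runs = [check_log(log, state, pats)]
    runs.append(check_log(log, state, pats))      # nothing new since last run
    with open(log, "a") as fh:
        fh.write("10:05 WARN retry\n10:06 another error pattern seen\n10:07 ERROR half")
    runs.append(check_log(log, state, pats))      # partial last line not consumed
    with open(log, "w") as fh:                    # simulate truncation/rotation
        fh.write("11:00 ERROR after rotate\n")
    runs.append(check_log(log, state, pats))
    return runs

if __name__ == "__main__":
    for status, hits in demo():
        print(status, hits)
```

The second run returns OK with no lines because the position saved by the first run already points at the end of the file.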