LinuxQuestions.org

centosboy 10-05-2010 03:49 AM

using nsclient++ with nrpe to monitor event logs
 
Could someone with good experience of monitoring Windows event logs with nrpe or check_nt + nsclient++ give me some good examples of the above?
I do have this working, but some of the checks appear inconsistent.


An example being

Code:

./check_nrpe -H 10.222.203.151  -c CheckEventLog -a filter=new file="Security" MaxWarn=1 MaxCrit=2 filter-generated=\<2d  filter+eventType==Information filter=in filter=all truncate=400 unique descriptions
Eventlog check ok|'eventlog'=0;1;2;

I just can't seem to get this particular check correct.


Which should really be showing as CRITICAL

MensaWater 10-05-2010 11:05 AM

It might not be "consistent" because you're checking updates to the log. The first time you check it the return code is 3 (CRITICAL) but the next one after that (unless there's a new message) is going to have return code 0 (OK).

To see return code just type "echo $?" after executing what you have at command line on your master. (Saves time over waiting for Nagios to get to it.)
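
An added example (not part of the post above and not NSClient++ code): a shell helper that takes the plugin output line quoted in this thread and compares the exit code seen with "echo $?" against what the performance data implies. The function names are hypothetical, the exit-code table is the standard Nagios plugin convention, and the threshold comparison (alert when the count exceeds N) is an assumption about how MaxWarn/MaxCrit are applied.

```shell
#!/bin/sh
# Output line quoted in the thread (perfdata format: 'label'=value;warn;crit;)
SAMPLE="Eventlog check ok|'eventlog'=0;1;2;"

# Standard Nagios plugin exit codes -> state names.
state_name() {
    case "$1" in
        0) echo OK ;;
        1) echo WARNING ;;
        2) echo CRITICAL ;;
        *) echo UNKNOWN ;;
    esac
}

# Number of matched records reported in the first perfdata item.
matched_count() {
    printf '%s\n' "${1#*"|"}" | awk -F'[=;]' '{ print $2 + 0; exit }'
}

# Exit code implied by the perfdata. Assumption: a bare threshold N alerts
# when value > N; NSClient++ may apply MaxWarn/MaxCrit differently.
expected_code() {
    case "$1" in *"|"*) ;; *) echo 3; return ;; esac   # no perfdata at all
    printf '%s\n' "${1#*"|"}" | awk -F'[=;]' '
        NF < 4 || $3 == "" || $4 == "" { print 3; exit }  # thresholds missing
        { v = $2 + 0; w = $3 + 0; c = $4 + 0
          s = (v > c) ? 2 : ((v > w) ? 1 : 0)
          print s; exit }'
}

# $1 = plugin output line, $2 = exit code observed with "echo $?"
explain_result() {
    want=$(expected_code "$1")
    if [ "$2" -eq "$want" ]; then
        echo "consistent: $(state_name "$2"), matched=$(matched_count "$1")"
    else
        echo "mismatch: got $(state_name "$2"), perfdata implies $(state_name "$want")"
    fi
}

explain_result "$SAMPLE" 0
```

For the quoted output the reported count is 0, below both thresholds, so the OK state agrees with the perfdata and the filter matched no records.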

centosboy 10-06-2010 02:18 AM

Quote:

Originally Posted by MensaWater (Post 4118457)
It might not be "consistent" because you're checking updates to the log. The first time you check it the return code is 3 (CRITICAL) but the next one after that (unless there's a new message) is going to have return code 0 (OK).

To see return code just type "echo $?" after executing what you have at command line on your master. (Saves time over waiting for Nagios to get to it.)

This is not correct. This is how it works for checking logs on a Unix-type box.
I am talking about the Windows event logs here.
Do you have any examples? There are some on the nsclient++ site, but these do not work right for me. I do not really want to use the nsca method either.....

