[Xymon] windows event log

Blumenthal, Russell Russell.Blumenthal at stonybrookmedicine.edu
Fri Jun 5 15:36:03 CEST 2015


Perfect, thank you! That worked. I've been testing with creating my own event log entries to trigger the msgs to go red.

Offhand, do you know how long until it goes green again, is it an hour or so?

From: Brandon Dale [mailto:BDale at kitchengroup.com.au]
Sent: Thursday, June 04, 2015 7:42 PM
To: Blumenthal, Russell; xymon at xymon.com
Subject: RE: [Xymon] windows event log

I haven't tested this but in your analysis.cfg  it should be something like this:

HOST=servername
LOG %.* %\[1\]\s-\sTest\sEvent COLOR=red

This should go red for anything that contains "[1] - Test Event" (where "[1]" is the eventid and "Test Event" is the source name) in any event log. In your client-local.cfg you need to make sure you are also collecting the eventlogs where you expect to see this event.

Regards,


Brandon

From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Blumenthal, Russell
Sent: Friday, 5 June 2015 4:10 AM
To: xymon at xymon.com<mailto:xymon at xymon.com>
Subject: [Xymon] windows event log

Hey folks,

Having a major brain fart right now. How would I get Xymon to go red when a specific event ID on a Windows servers is detected in the event log? I am using the PowerShell client so the VM is in a central mode. I have played around in analysis.cfg and client-local.cfg but haven't been able to get it down to a specific ID.

Thanks


This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by e-mail and destroy all copies of the original.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20150605/9556500e/attachment.html>


More information about the Xymon mailing list