[Xymon] windows event log
Brandon Dale
BDale at kitchengroup.com.au
Fri Jun 5 01:42:28 CEST 2015
I haven't tested this but in your analysis.cfg it should be something like this:
HOST=servername
LOG %.* %\[1\]\s-\sTest\sEvent COLOR=red
This should go red for anything that contains "[1] - Test Event" (where "[1]" is the eventid and "Test Event" is the source name) in any event log. In your client-local.cfg you need to make sure you are also collecting the eventlogs where you expect to see this event.
Regards,
Brandon
From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Blumenthal, Russell
Sent: Friday, 5 June 2015 4:10 AM
To: xymon at xymon.com
Subject: [Xymon] windows event log
Hey folks,
Having a major brain fart right now. How would I get Xymon to go red when a specific event ID on a Windows servers is detected in the event log? I am using the PowerShell client so the VM is in a central mode. I have played around in analysis.cfg and client-local.cfg but haven't been able to get it down to a specific ID.
Thanks
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by e-mail and destroy all copies of the original.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20150604/d14e1f19/attachment.html>
More information about the Xymon
mailing list