How can Nagios interact with NT Event Logs?

[David Clack]

Hello,
 This was asked a while ago, should be something in the archives of
help.
I replied then but I monitor Windows Events logs a different way now (
thanks mainly to suggestions from this list ) so I'll reply again.
 
The way I do it is use a product called snare
(http://sourceforge.net/projects/snare/) on the servers to send event
logs in real time to a syslog server, also my nagios box.
I then use syslog-ng to filter the logs into folders like
/var/log/remote-host/fileserver/Events.log, and have simple perl scripts
to parse them for particular errors/reports.
I have one script that basically returns a warning if there's errors in
the system log in the past 24 hours & others to look for specific
events, like arcserve back up failure etc..
There's a plugin called check_log.pl or something similar that may be of
use that comes with nagios.
 
Hope that's of help!
 
Dave.
 
 
 
-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Josh Van
As
Sent: 02 October 2003 12:18
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] How can Nagios interact with NT Event Logs?
 
How can Nagios interact with NT Event Logs?
I want to be able to selectively look for events on my Windows Servers
and create notification events if they occur.  I am pretty new to
Nagios, so if anyone could give me a few ideas / suggestions on how I
could go about this, I would appreciate it.
Thanks,
Josh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20031002/ace4717e/attachment.html>