Reading Event Logs

Neil neil-on-nagios at restricted.dyndns.org
Fri Jun 11 01:19:28 CEST 2004

Previous message: Reading Event Logs
Next message: Dell Openmanage and Compaq/HP Insight Manager 7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Use snare and nsca, and have nagios addon, ncsa daemon listen too :) 

Here is what I wrote before: 

#!/usr/bin/perl
use POSIX;
use Time::Local; 

my $message = join (' ', at ARGV);
my ($host, $msg) = $message =~ 
/\s([a-z]{6})\sMSWinEventLog.*\s[A-Z]{1}[a-z]{1}[a-z]{1}\s\d{2}\s\d{2}:\d{2} 
:\d{2}\s\d{4}.*Service\sControl\sManager.*(The\sWorld.*state.)/x; 

if     ( $msg =~ /running state/ ) {
      $nagios_code = 0; # Ok
}
elsif ( $msg =~ /stopped state/ ) {
      $nagios_code = 2; # Critical
} else {
      exit;
} 

($Second, $Minute, $Hour, $Day, $Month, $Year, $WeekDay, $DayOfYear, $IsDST) 
= localtime(time);
$epoch = mktime($Second,$Minute,$Hour,$Day,$Month,$Year,$WeekDay,0,-1); 

my $cmd  = "[$epoch] 
PROCESS_SERVICE_CHECK_RESULT;$host;w3svc;$nagios_code;$msg";
my $echo = '/bin/echo';
my $pipe = '/usr/local/nagios/var/rw/nagios.cmd'; 

system "$echo \"$cmd\" >> $pipe"; 


I have to create a new one to refresh my mind about it :) 

Ron Wilson writes: 

> I need some help.
> What is the easiest way for Nagios to read event logs on Windows servers
> and extract alerts/warnings etc and then process nagios alerts if necessary
> --
>  
> Ron Wilson
> City of Sails
> Auckland 
> 
> Whenever people agree with me I always feel I must be wrong.
> Oscar Wilde (1854 - 1900) 
> 
>  
> 
>  
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by the new InstallShield X.
> From Windows to Linux, servers to mobile, InstallShield X is the
> one installation-authoring solution that does it all. Learn more and
> evaluate today! http://www.installshield.com/Dev2Dev/0504
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null
 


-------------------------------------------------------
This SF.Net email is sponsored by the new InstallShield X.
>From Windows to Linux, servers to mobile, InstallShield X is the
one installation-authoring solution that does it all. Learn more and
evaluate today! http://www.installshield.com/Dev2Dev/0504
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Reading Event Logs
Next message: Dell Openmanage and Compaq/HP Insight Manager 7
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list