using Linux for a specific Windows Event

[Anthony Montibello]

Just a quick note,

Yes NC_NEt can monitor Window Eventr logs, as well as WMI, Run scripts and
all the other CHECK_NT commands (and more)
However it is hosted on SourceForge: http://sourceforge.net/projects/nc-net
the new (Finally done testing) version will be released hopefully this week.

Tony (Author of NC_NEt)

On Tue, Jun 24, 2008 at 10:52 AM, Rene Fertig <me at renux.de> wrote:

> Hello Michael.
>
> Michael Dalton wrote:
> > I am using Fedora 6 with nagios 2.9 monitoring multiple windows 2003
> > servers. I have looked on the message boards for a solution and have not
> > come up with one.
> >
> > What I would like to do is monitor a specific windows event.....event
> > id=55....(a disc failure or beginning to fail).
> >
> > Has anyone else done this?
>
> I've just done this. There are several ways. You can use NC_Net
> (http://shatterit.com/nc_net/) which has the ability to monitor the
> eventlog.
> But I haven't tested it.
>
> I'm using Logparser 2.2
> (
> http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en
> )
> which parses the eventlog for some IDs, e.g.:
>
> logparser "SELECT * FROM System where EventID IN(500;501;503;509;510)"
> -i:EVT
> -o:csv > "c:\Programme\Log Parser 2.2\output.csv"
>
> One can use FIND to look if one of the IDs was found. I do this with the
> following batch/cmd file which is called itself by NRPE_NT (see
> Nagios-Exchange):
>
> @ECHO OFF
> "C:\Programme\Log Parser 2.2\logparser" "SELECT * FROM System where EventID
> IN(500;501;503;509;510)" -i:EVT -o:csv > d:\Logparser\output.csv
> FIND "Elements output:    0" "C:\Programme\Log Parser 2.2\output.csv" > NUL
> IF %ERRORLEVEL% GTR 0 (
>  REM FIND "System," "C:\Programme\Log Parser 2.2\output.csv"
>  echo Fehlermeldung im System-Eventlog gefunden
>  exit 1
> )
> echo OK
> exit 0
>
> Probably using NC_Net is much smarter but I did it this way, since we
> already
> use NRPE_NT on this server.
>
> Greetings, Rene
>
> --
> Tipps & Tricks für Linux, MySQL & Webdesign
>  -> http://home.telebel.de/~referti/blog/
>
> -------------------------------------------------------------------------
> Check out the new SourceForge.net Marketplace.
> It's the best place to buy or sell services for
> just about anything Open Source.
> http://sourceforge.net/services/buy/index.php
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20080624/73cbd2c4/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null