NC_Net nagios client to monitor Event logs onwindows

manju a manju.kudu at gmail.com
Tue Mar 4 07:39:43 CET 2008
Previous message: NC_Net nagios client to monitor Event logs onwindows
Next message: notifications for downed services
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Tony,

i replaced 1 with the 0 but for some reason it will not recognize
application event logs, even if the event accours five min back, it will say
no entry
/check_nt -H windowsmachine -p 1248 -v EVENTLOG -l any,any,5,0,0,1,1081,1111
-p 1248 -c 6

for example here i need to monitor 1081,1111 ...n number of event IDS but
this will give some wrong results some times. i think it will work okay if
we monitor only one event ID, but this will not workout.

i tired giving EVENTLOG_NEW insisted of EVENTLOG but i get the error "Client
- ERROR: Argument mismatch" do you thing we need to change some arugement
under -l when we specify EVENTLOG_NEW.

please help me on this.

thanks for your help

Manjunath A





On Tue, Mar 4, 2008 at 5:56 AM, Anthony Montibello <amontibello at gmail.com>
wrote:

> (This should have stayed in the UserList since it is syntex specific that
> may benifit other users for Windows Event Log monitoring via NC_NEt and
> nagios)
>
>
> Almost there syntex is a bit off,
> the values after the interval are #of items followed by a comma delimited
> list of the items
> hence 0 means no items, so 1081 should be 1,1081
>
> Thus try the command
> ./check_nt -H windowsmachine -p 1248 -v EVENTLOG -l
> Application,Information,50,0,0,1,1081 -p 1248 -c 6
>
> the -c and -w controle the Threshold for Warning/Critical/OK
>
> Also try converting to an EVENTLOG_NEW
> since it has some great optimizations that were not in EVENTLOG
> check_nt --help=EVENTLOG_NEW
> Tony (author of nc_net)
> On Mon, Mar 3, 2008 at 2:45 AM, manju a <manju.kudu at gmail.com> wrote:
>
> > Hi Tony,
> >
> > i am able to make the new check_nt n  i m able to get the event log
> > information, but i m not able to monitor the required event logs
> >
> > for example i m doing like from libexec ./check_nt -H windowsmachine -p
> > 1248 -v EVENTLOG -l any,Information,50,0,0,6,1081 -p 1248
> >
> > in the above example i m trying to monitor 1081 event ID under type
> > Information  but once i execute this it will show the all the events which
> > took place in 50 min under information type. if it works fine it should show
> > only 1081 events in numbers rite. please correct me if i wrong.
> >
> > i need to monitor some n numbers of eventlogs in the 50 min time travel,
> > if that logs appears nagios should send an e-mail. please help me on this.
> >
> > thanks
> > manjunath A.
> >
> >
> >
> >
> >
> >
> >
> > On Sun, Mar 2, 2008 at 11:27 PM, manju a <manju.kudu at gmail.com> wrote:
> >
> > > Hi,
> > >
> > > its working fine now, thanks
> > >
> > >
> > >   On 2/23/08, Anthony Montibello <amontibello at gmail.com> wrote:
> > > >
> > > > And did that resolve the eventlog issue?
> > > >
> > > > Tony
> > > >
> > > >
> > > >  On Fri, Feb 22, 2008 at 9:15 AM, manju a <manju.kudu at gmail.com>
> > > > wrote:
> > > >
> > > > > yes this time it works fine... i am able to build
> > > > >
> > > > >
> > > > > On Fri, Feb 22, 2008 at 12:15 PM, Jeff C. Benger <
> > > > > jbenger at ztechnet.com> wrote:
> > > > >
> > > > > >  Download & extract nagios-plugins source
> > > > > >
> > > > > > Remove/rename the original check_nt.c in the plugins dir
> > > > > >
> > > > > > copy the check_nc_net.c file into the plugins folder and rename
> > > > > > to check_nt.c
> > > > > >
> > > > > > rebuild the plugins(make)
> > > > > >
> > > > > >
> > > > > >  ------------------------------
> > > > > >
> > > > > > *From:* nagios-users-bounces at lists.sourceforge.net [mailto:
> > > > > > nagios-users-bounces at lists.sourceforge.net] *On Behalf Of *manju
> > > > > > a
> > > > > > *Sent:* Friday, February 22, 2008 1:30 AM
> > > > > > *To:* Anthony Montibello
> > > > > > *Cc:* Nagios-users at lists.sourceforge.net
> > > > > > *Subject:* Re: [Nagios-users] NC_Net nagios client to monitor
> > > > > > Event logs onwindows
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > >
> > > > > > Thanks a lot for your replay.
> > > > > >
> > > > > > when i copied to the libexec folder i got the below error, i
> > > > > > know this is not a command soo shell is not able to recognize it.
> > > > > >
> > > > > > [root at nagios libexec]# ./check_nt.c
> > > > > > ./check_nt.c: line 1:
> > > > > > /*********************************************************
> > > > > > : No such file or directory
> > > > > > ./check_nt.c: line 2: check_apt: command not found
> > > > > > : command not found3: *
> > > > > > ./check_nt.c: line 4: check_apt: command not found
> > > > > > ./check_nt.c: line 5: check_apt: command not found
> > > > > > ./check_nt.c: line 6: check_apt: command not found
> > > > > > : command not found7: *
> > > > > > ./check_nt.c: line 8: check_apt: command not found
> > > > > > ./check_nt.c: line 9: check_apt: command not found
> > > > > > ./check_nt.c: line 10: syntax error near unexpected token `('
> > > > > > ./check_nt.c: line 10: ` * Copyright (c) 2007 TOny Montibello (
> > > > > > tony at MontiTech.co
> > > > > > ')
> > > > > >
> > > > > > can you please let me know how we can recomplie check_nt.c
> > > > > > plugins.
> > > > > >
> > > > > > thanks
> > > > > > manjunath A.
> > > > > >
> > > > > >
> > > > > >
> > > > > >  On Fri, Feb 22, 2008 at 5:12 AM, Anthony Montibello <
> > > > > > amontibello at gmail.com> wrote:
> > > > > >
> > > > > > HI,
> > > > > >
> > > > > >
> > > > > > THe problem is your version of check_nt
> > > > > >
> > > > > > >>"where check_nt is default plugin which will come with the
> > > > > > nagios installation."
> > > > > >
> > > > > >
> > > > > >
> > > > > > You need to compile check_nc_net.c
> > > > > >
> > > > > > to do this, copy the check_nc_net.c to check_nt.c
> > > > > >
> > > > > > then recompile the plugins
> > > > > >
> > > > > >
> > > > > >
> > > > > > check_nc_net.c is in the install location of NC_Net as well as
> > > > > > downloadable seperatly from
> > > > > >
> > > > > >
> > > > > > http://downloads.sourceforge.net/nc-net/check_nc_net_040107.zip?modtime=1175541733&big_mirror=0&filesize=17953
> > > > > >
> > > > > >
> > > > > >
> > > > > > However please use the eventlog_new command -(See the help of
> > > > > > check_nc_net)
> > > > > >
> > > > > > It is a more efficient check than eventlog
> > > > > >
> > > > > >
> > > > > >
> > > > > > TOny (Author of NC_NEt)
> > > > > >
> > > > > > On Thu, Feb 21, 2008 at 1:00 AM, manju a <manju.kudu at gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > >  Hi,
> > > > > >
> > > > > > sorry it was my mistake while typing, yes i replaced any5 with
> > > > > > 5.... same problem!!! please help me on this
> > > > > >
> > > > > > thanks
> > > > > > manjunath A.
> > > > > >
> > > > > >
> > > > > >
> > > > > >  On Wed, Feb 20, 2008 at 8:30 PM, Edgar Matzinger <
> > > > > > Edgar.Matzinger at valid.nl> wrote:
> > > > > >
> > > > > > Hi Manju,
> > > > > >
> > > > > >
> > > > > > >
> > > > > > > [root at nagios libexec]# ./check_nt -H windowsmachine -p 1248
> > > > > > > -v EVENTLOG  -l any,any,any5,0,0,0 -w 5 -c 10
> > > > > > > check_nt: Could not parse arguments
> > > > > >
> > > > > >  and if you replace "any5" with "5"?
> > > > > >
> > > > > > HTH, cu l8r, Edgar.
> > > > > > --
> > > > > >    |\  /| :                                : Addr: Valid
> > > > > > Eindhoven B.V.
> > > > > >  /  | \/ | :     Edgar R. Matzinger         :       t.a.v. E.R.
> > > > > > Matzinger
> > > > > > /   |    | :                                :       Paradijslaan
> > > > > > 36
> > > > > > \  /|  /\| :                                :       5611 KN
> > > > > > Eindhoven
> > > > > >  \/   /  \ :     Valid Eindhoven BV         :
> > > > > >  \  /\  / :                                :
> > > > > >   \/ |\/  :                                :
> > > > > >      |    :                                :
> > > > > > Disclaimer: Any comments, opinions made are mine, etc ...
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > -------------------------------------------------------------------------
> > > > > > This SF.net email is sponsored by: Microsoft
> > > > > > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > > > > > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > > > > > _______________________________________________
> > > > > > Nagios-users mailing list
> > > > > > Nagios-users at lists.sourceforge.net
> > > > > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > > > > ::: Please include Nagios version, plugin version (-v) and OS
> > > > > > when reporting any issue.
> > > > > > ::: Messages without supporting info will risk being sent to
> > > > > > /dev/null
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > -------------------------------------------------------------------------
> > > > > > This SF.net email is sponsored by: Microsoft
> > > > > > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > > > > > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > > > > > _______________________________________________
> > > > > > Nagios-users mailing list
> > > > > > Nagios-users at lists.sourceforge.net
> > > > > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > > > > ::: Please include Nagios version, plugin version (-v) and OS
> > > > > > when reporting any issue.
> > > > > > ::: Messages without supporting info will risk being sent to
> > > > > > /dev/null
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > -------------------------------------------------------------------------
> > > > > This SF.net email is sponsored by: Microsoft
> > > > > Defy all challenges. Microsoft(R) Visual Studio 2008.
> > > > > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> > > > > _______________________________________________
> > > > > Nagios-users mailing list
> > > > > Nagios-users at lists.sourceforge.net
> > > > > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > > > > ::: Please include Nagios version, plugin version (-v) and OS when
> > > > > reporting any issue.
> > > > > ::: Messages without supporting info will risk being sent to
> > > > > /dev/null
> > > > >
> > > >
> > > >
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20080304/26f1b97c/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: NC_Net nagios client to monitor Event logs onwindows
Next message: notifications for downed services
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list