elog.exe Nagios Check
John Patrick Carroll
John.Carroll at govdelivery.com
Wed Nov 18 23:52:16 CET 2009
When I use the elog.exe Nagios check, the --incOp part does not seem to work as I would expect it to.
The command I am running is:
C:\Program Files\NRPE_NT\plugins\bin>elog --logs Application --include Source:"BlackBerry Controller" --incOp And --include Description:"will not restart" --period 7200 --timeout 30
The results I get are:
CRITICAL - Backup Exec(45828:2:3);BlackBerry Controller(0:457:13);BlackBerry Messaging Agent IT-UTIL1 Agent 1(10:311:268);Windows Server Update Services(21:21:1);BlackBerry Dispatcher IT-UTIL1(0:41:38);BlackBerry Router(2:1:5);Application Hang(2:0...
I would expect this to find event log messages in the last 5 days that are in the Application log, have a Source of "BlackBerry Controller", and have the text "will not restart" in the Description. But what I seem to get is every message in the last 5 days.
Can someone point out the flaw in my thinking or syntax, so I can get this check working?
If I run the command with just the Source part, I get back an appropriate number of messages, so all I wanted to do was filter that set a little more to pull out messages with certain text.
command:
C:\Program Files\NRPE_NT\plugins\bin>elog --logs Application --include "Source":"BlackBerry Controller" --period 7200 --timeout 30 -vv
results:
<snip>
11/13/2009 6:08:19 PM Warning None BlackBerry Controller
The description for Event ID '-1342222410' in Source 'BlackBerry Controller' cannot be found. The local computer may not have the necessary registry information or message DLL files to display the message, or you may not have permission to access them. The following information is part of the event:''IT-UTIL1' agent 1: will not restart - reached the maximum of 10 restarts per 24 hours'
<snip>
Done
WARNING - BlackBerry Controller(0:457:13);
Oddly enough, the Event ID shown in the above message is NOT the Event ID shown in the Event Viewer. That Event ID is 20406.
thanks,
John
John Patrick Carroll | Senior Systems Administrator
GovDelivery, Inc.
408 St. Peter St, Ste 600 | St Paul, MN 55102-1147
651.757.4124 or 866.276.5583 ext. 124
Resources
Website: www.govdelivery.com<http://www.govdelivery.com>
Blog: www.reachthepublic.com<http://www.reachthepublic.com>
Twitter: www.twitter.com/govdelivery<http://www.twitter.com/govdelivery>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20091118/30e73175/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list