Does anyone have event log monitors that *work*?

Ennis Ibarra ennis at nmcourts.gov
Fri Mar 19 17:34:42 CET 2010


You may want to consider a unified SYSLOG in a Linux box for your Windows machines and build your own plugins; this not only cuts off the stress on the Windows side but allows you quite a bit of freedom in processing logging. It's just an idea; we are doing it over here, and we've had great results.

Good luck. 

----- Original Message ----- 
From: "Mark Frost {PBC}" <mark.frost1 at pepsico.com> 
To: "Nagios Users List" <nagios-users at lists.sourceforge.net> 
Sent: Friday, March 19, 2010 9:00:42 AM 
Subject: Re: [Nagios-users] Does anyone have event log monitors that *work*? 






>-----Original Message-----
>From: C. Bensend [mailto:benny at bennyvision.com]
>Sent: Friday, March 19, 2010 10:32 AM
>To: nagios-users at lists.sourceforge.net
>Subject: [Nagios-users] Does anyone have event log monitors that *work*?
>
>Hey folks,
>
>I have been beating my head against various and sundry walls,
>tables, and desks for quite some time now, and my brain is starting
>to get very, VERY mushy.
>
>I need to monitor Windows event logs. You'd think this would
>be easy, but either the tools available out there don't work (which
>I doubt, I KNOW you monitor event logs), or I'm man enough to admit
>that I'm a hopeless idiot.
>
>I've tried to get help on the 3rd-party sites (Steve
>Shipway's site for Nagios EventLog Service and NSClient++), but
>they're either away from their desks for an extended period of
>time or I've just plain worn them out and they're no longer answering
>my questions.
>
>I beg of you; if you use either of these tools and *successfully*
>monitor Windows event logs, please give me a hand. I apologize for
>the length of this email, but this is my last stand - if I cannot
>get event log monitoring working, this entire project may get
>scrapped.



Benny,

This is probably overkill for your situation but you could use Splunk
to watch event logs (and other logs) via saved searches and then
have it notify Nagios when it spots something. We do this here as
Splunk just has more smarts about dealing with events/logs/matches
within certain time windows. But as I say, it IS more overhead than
the other solutions you cite.

Mark




_______________________________________________ 
Nagios-users mailing list 
Nagios-users at lists.sourceforge.net 
https://lists.sourceforge.net/lists/listinfo/nagios-users 
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null 

