Windows Event Log

James Pratt jpratt at norwich.edu
Tue Apr 5 15:49:14 CEST 2011


I believe it's actually a Perl/regex issue, see here, maybe you can escape the * and have it work -

http://www.google.com/search?q=quantifier+follows+nothing+before+HERE+mark+in+regex

cheers,
Jamie


---


From: Edwin Zoeller [mailto:Edwin.Zoeller at ama-assn.org] 
Sent: Tuesday, April 05, 2011 9:26 AM
To: Nagios Users List
Subject: [Nagios-users] Windows Event Log
Importance: High

I was asked to see if we can capture and alert on a event that happens often on one of out NT servers. Below is the event:
 
Ed,
            As we just discussed, here is paste of the exact text of the Warning from the Application Event Log and a screenshot with all the details for the message that is generated every 60 seconds when the servers have a problem negotiating a connection. As this has become a reoccurring problem, Paul has asked that we monitor this and send out alerts so we can jump on it next time it happens. Please call me with any questions. Thanks



Server Name: PBX003
Application Log 

EmailManager EventCode:25000 Level:2 Email - An exception was caught trying to connect to host : exchange.americanmedicalassociation.org, Inbox: Ama_nt\hppcmail, javax.mail.MessagingException: Connect failed; nested exception is:avax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake




What I did was to download and have the NT folks invoke the event_agent.exe file Then from my Nagios host side (Linux), execute the check_win_eventlog.pl script, and fill in the parameters that I think are correct. When I execute the script from the Nagios server side to test, it just seems to hang and the NT admins sent methe screen below.
I am not a Windows person so I am not sure that I am testing this correct. So what I am asking if someone with more knowledge of what I am trying to accomplish could help me out. Here is what I am running for the Server side:

../../libexec/check_win_eventlog.pl -H 10.0.94.22 -l 'Application' -s 'EmailManager' -m '*:+Connect failed' -t Warning
And below is what the Windows people are seeing on there side.
This was in dos window b4 I closed it out. We can do it again Mon.
 

 
 
 
Any help or guidance would be greatly appreciated.
 
Thanks again,
 
Ed Zoeller
 Please consider the environment before printing this e-mail
 
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null


More information about the Users mailing list