<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Message</TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2800.1400" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>Hi,</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>thanks for the fast response! I startet to try out the
check_win_eventlog.pl.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>I installed it, and everything seems to be ok, but even
when i force an error in the event log, i only get the status "Eventlog
OK".</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>When i use different <ID>, i get something
like</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>"./check_win_eventlog.pl -H sygoscala1.rz.sycor.de -s
xyz -l 'System' -t '.*:+1:+2'<BR>Found 1142 errors. Last was: EVT_ID: 3 Time:
Mon Jun 7 08:51:58 2004 Printer __dsdegoe1_DS03/PCADM76/Session 2 was
deleted."</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>which corresponds with the eventlog. But I won't get
any Notification Mails or some Message from my Nagios.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>Here are the relevant config entries, i think i has
something to do with the -s <ID>...but don't know how to fix
it.</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>checkcommands.cfg:</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>define command{<BR>
command_name
check_win_eventlog<BR>
command_line $USER1$/check_win_eventlog.pl -H
$HOSTADDRESS$ -s $ARG1$ -l $ARG2$ -t $ARG3$<BR>}<BR></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>services.cfg:# Eventlog sygoscala<BR>define
service{<BR>
host_name
sygoscala1.rz.sycor.de<BR>
service_description Windows
Eventlog<BR>
use
generic-service<BR>
check_command
check_win_eventlog!sygoscala1!System!.*:+1:+2<BR>
check_period
24x7<BR>
max_check_attempts
4<BR>
normal_check_interval
1<BR>
retry_check_interval
1<BR>
contact_groups xyz</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004>
is_volatile
1<BR>
notification_interval
120<BR>
notification_period
24x7<BR>
notification_options c,r<BR>}</SPAN></FONT></DIV>
<DIV><FONT face=Arial color=#0000ff size=2></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004># Eventlog pcadm76<BR>define
service{<BR>
host_name
pcadm76<BR>
service_description Windows
Eventlog<BR>
use
generic-service<BR>
check_command
check_win_eventlog!pcadm76!System!.*:+1:+2<BR>
check_period
24x7<BR>
max_check_attempts
4<BR>
normal_check_interval
1<BR>
retry_check_interval
1<BR>
contact_groups xyz<BR>
is_volatile
1<BR>
notification_interval
120<BR>
notification_period
24x7<BR>
notification_options c,r<BR>}<BR></SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004> </DIV></SPAN></FONT>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=798405007-07062004></SPAN></FONT> </DIV><BR>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=de dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> sunilshriram.borkhedkar@wipro.com
[mailto:sunilshriram.borkhedkar@wipro.com] <BR><B>Sent:</B> Thursday, June 03,
2004 12:15 PM<BR><B>To:</B> Sand Philipp<BR><B>Subject:</B> RE: [Nagios-users]
Checking Windows Eventlogs with Nagios<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff
size=2>hi,</FONT></SPAN></DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff size=2>I am
using one plugin but that is not standard plugin as provided with
nagios.org</FONT></SPAN></DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff size=2>The
plugin is check_win_eventlog.pl</FONT></SPAN></DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff size=2>You
type this name in google u will find the exact site.</FONT></SPAN></DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=953441310-03062004><FONT face=Arial color=#0000ff
size=2>Sunil</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT
face=Tahoma size=2>-----Original Message-----<BR><B>From:</B>
nagios-users-admin@lists.sourceforge.net
[mailto:nagios-users-admin@lists.sourceforge.net] <B>On Behalf Of </B>Sand
Philipp<BR><B>Sent:</B> Thursday, June 03, 2004 3:10 PM<BR><B>To:</B>
nagios-users@lists.sourceforge.net<BR><B>Subject:</B> [Nagios-users]
Checking Windows Eventlogs with Nagios<BR><BR></FONT></DIV><!-- Converted from text/rtf format -->
<P><FONT face=Arial size=2>Hi,</FONT> </P>
<P><FONT face=Arial size=2>I hope this is the right Mailing list for this
question...</FONT> <BR><FONT face=Arial size=2>I wonder if it is possible to
monitor the Windows 2000+ Event Logs with any kind of Nagios Plugin. Like
sending an alarm mail when Error with ID xyz accours or someting like
that.</FONT></P>
<P><FONT face=Arial size=2>Could you give me a hint, which plugin i could
use for that? I already googled for that, but had no luck in finding an
answer.</FONT></P>
<P><FONT face=Arial size=2>Thanks for help in advance!</FONT> </P>
<P><FONT face=Arial size=2>Philipp</FONT> </P>
<P><FONT face=Arial color=#000000
size=1>_____________________________</FONT> </P>
<P><B><FONT face=Arial color=#000000 size=1>Philipp Sand</FONT></B>
<BR><FONT face=Arial color=#000000 size=1>OC-CC-TEC-SYS</FONT> </P>
<P><B><FONT face=Arial color=#000000 size=1>SYCOR GmbH</FONT></B> <BR><FONT
face=Arial color=#000000 size=1>Heinrich-von-Stephan-Straße 1-5</FONT>
<BR><FONT face=Arial color=#000000 size=1>D - 37073 Göttingen</FONT> </P>
<P><FONT face=Arial color=#000000 size=1>Telefon +49 (0) 551 / 490 -
0</FONT> <BR><FONT face=Arial color=#000000 size=1>Telefax +49 (0) 551 / 490
- 2000</FONT> </P>
<P><U><FONT face=Arial color=#000000 size=1>philipp.sand@sycor.de</FONT></U>
<BR><U></U><A href="file://www.sycor.de"><U><FONT face=Arial color=#000000
size=1>www.sycor.de</FONT></U><U></U></A><U></U> <BR><FONT face=Arial
color=#000000 size=1>------------------------------------------------</FONT>
</P></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>