I wrote my own event log management plugin because I didn't find one that I
liked. You can download it as part of the Sourceforge tntnagiosplugins project.
It should work with NSClient++ (although admittedly I am not testing against
that).
It reports critical and warning events on the specified host (it will exclude a
number of events that are known to be harmless, for instance DCOM 10009 and
about a dozen or so other ones).
The "top ten events" seems like interesting functionality, but doesn't really
fit very well into the Nagios philosophy. Nagios can ultimately only
distinguish between OK, WARNING, CRITICAL. There are better tools for
statistical analysis.
The collection of plugins also contains a separate plugin that reports on login
errors.
From: Ron Wilson [mailto:[email protected]]
Sent: Wednesday, July 21, 2010 3:52 PM
To: Nagios Users List
Subject: Re: [Nagios-users] effective use of NSClient++ Eventlog management
I have tried several times over the past year but never managed to get the
check_eventlog working. If you have any success do tell us about it
From: keshav murthy [mailto:[email protected]]
Sent: Wednesday, 21 July 2010 10:07 p.m.
To: [email protected]
Subject: [Nagios-users] effective use of NSClient++ Eventlog management
Dear all,
We are moving from pnsclient to NSclient++ for all our windows client. We would
like to use the Event log management available with NSClient++.
We would like to do the following (if it is feasible)
Top Ten events in all the clients overall.
Critical Event IDs on any server: We are looking for only the critical event
ID's (like a AD account lockout event ID etc) to be captured and reported to
the nagios server.
Have anybody started using this eventlog management effectively and what are
your way of putting it in place.
Cheers
Keshav
==========================================================
For more information on the Television New Zealand Group, visit us
online at tvnz.co.nz
==========================================================
CAUTION: This e-mail and any attachment(s) contain information that
is intended to be read only by the named recipient(s). This information
is not to be used or stored by any other person and/or organisation.
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Nagios-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
