Monitoring Windows Event Log from Nagios

[John P. Rouillard]

In message <E1BNvRo-0006uq-VI at sc8-sf-list2.sourceforge.net>,
Steve Shipway writes:

>Does anyone out there have a method to monitor the Windows Event log
>using Nagios?
>
>Currently, we use the pNSClient agent to collect Perfmon data, which
>works fine.  On UNIX systems, we have the syslogd daemon which will
>feed important events via a filter through NSCA and into a Passive
>Service on Nagios -- again, no problem.  However, we need a way to
>send Windows event log events and generate an alert.
>
>An ideal setup would be a configurable daemon that will send an NSCA alert
>(of a configurable level) for log entries matching a certain regular
>expression.  However, at the moment I'll take anything!  It needs to be
>something that, like pNSClient, can run as a service on the server in
>question.

I used Snare from Intersect Alliance
<http://www.intersectalliance.com/projects/> to dump the events to
syslog on the nagios server. I then use the simple event correlator
SEC <http://kodu.neti.ee/~risto/sec/> to pattern
match/analyze/correlate the events into passive services in Nagios.

				-- rouilj
John Rouillard
===========================================================================
My employers don't acknowledge my existence much less my opinions.


-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver
higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null