Hi Tony,<br><br>i replaced 1 with the 0 but for some reason it will not recognize application event logs, even if the event accours five min back, it will say no entry<br>/check_nt -H windowsmachine -p 1248 -v EVENTLOG -l any,any,5,0,0<div>
,1,1081,1111 -p 1248 -c 6</div><br>for example here i need to monitor 1081,1111 ...n number of event IDS but this will give some wrong results some times. i think it will work okay if we monitor only one event ID, but this will not workout.<br>
<br>i tired giving EVENTLOG_NEW insisted of EVENTLOG but i get the error "Client - ERROR: Argument mismatch" do you thing we need to change some arugement under -l when we specify EVENTLOG_NEW. <br><br>please help me on this.<br>
<br>thanks for your help<br><br>Manjunath A<br><br><br><br><br><br><div class="gmail_quote">On Tue, Mar 4, 2008 at 5:56 AM, Anthony Montibello <<a href="mailto:amontibello@gmail.com">amontibello@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div>(This should have stayed in the UserList since it is syntex specific that may benifit other users for Windows Event Log monitoring via NC_NEt and nagios)</div>
<div> </div>
<div> </div>
<div>Almost there syntex is a bit off,</div>
<div>the values after the interval are #of items followed by a comma delimited list of the items</div>
<div>hence 0 means no items, so 1081 should be 1,1081</div>
<div> </div>
<div>Thus try the command </div>
<div>./check_nt -H windowsmachine -p 1248 -v EVENTLOG -l Application,Information,50,0,0,1,1081 -p 1248 -c 6</div>
<div> </div>
<div>the -c and -w controle the Threshold for Warning/Critical/OK </div>
<div> </div>
<div>Also try converting to an EVENTLOG_NEW </div>
<div>since it has some great optimizations that were not in EVENTLOG</div>
<div>check_nt --help=EVENTLOG_NEW<br></div>
<div>Tony (author of nc_net)<br></div><div><div></div><div class="Wj3C7c">
<div class="gmail_quote">On Mon, Mar 3, 2008 at 2:45 AM, manju a <<a href="mailto:manju.kudu@gmail.com" target="_blank">manju.kudu@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;">Hi Tony,<br><br>i am able to make the new check_nt n i m able to get the event log information, but i m not able to monitor the required event logs<br>
<br>for example i m doing like from libexec ./check_nt -H windowsmachine -p 1248 -v EVENTLOG -l any,Information,50,0,0,6,1081 -p 1248<br><br>in the above example i m trying to monitor 1081 event ID under type Information but once i execute this it will show the all the events which took place in 50 min under information type. if it works fine it should show only 1081 events in numbers rite. please correct me if i wrong.<br>
<br>i need to monitor some n numbers of eventlogs in the 50 min time travel, if that logs appears nagios should send an e-mail. please help me on this.<br><br>thanks<br>manjunath A.
<div>
<div></div>
<div><br><br><br><br><br><br><br>
<div class="gmail_quote">On Sun, Mar 2, 2008 at 11:27 PM, manju a <<a href="mailto:manju.kudu@gmail.com" target="_blank">manju.kudu@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>Hi,</div>
<div> </div>
<div>its working fine now, thanks <br><br> </div>
<div>
<div></div>
<div>
<div><span class="gmail_quote">On 2/23/08, <b class="gmail_sendername">Anthony Montibello</b> <<a href="mailto:amontibello@gmail.com" target="_blank">amontibello@gmail.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;">
<div>And did that resolve the eventlog issue? </div>
<div> </div>
<div>Tony<br><br> </div>
<div><span>
<div class="gmail_quote">On Fri, Feb 22, 2008 at 9:15 AM, manju a <<a href="mailto:manju.kudu@gmail.com" target="_blank">manju.kudu@gmail.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0px 0px 0px 0.8ex; padding-left: 1ex;">yes this time it works fine... i am able to build
<div>
<div></div>
<div><br><br>
<div class="gmail_quote">On Fri, Feb 22, 2008 at 12:15 PM, Jeff C. Benger <<a href="mailto:jbenger@ztechnet.com" target="_blank">jbenger@ztechnet.com</a>> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div vlink="blue" link="blue" lang="EN-US">
<div>
<p><font color="navy" face="Arial" size="2"><span style="font-size: 10pt; color: navy; font-family: Arial;">Download & extract nagios-plugins source</span></font></p>
<p><font color="navy" face="Arial" size="2"><span style="font-size: 10pt; color: navy; font-family: Arial;">Remove/rename the original check_nt.c in the plugins dir</span></font></p>
<p><font color="navy" face="Arial" size="2"><span style="font-size: 10pt; color: navy; font-family: Arial;">copy the check_nc_net.c file into the plugins folder and rename to check_nt.c</span></font></p>
<p><font color="navy" face="Arial" size="2"><span style="font-size: 10pt; color: navy; font-family: Arial;">rebuild the plugins(make)</span></font></p>
<p><font color="navy" face="Arial" size="2"><span style="font-size: 10pt; color: navy; font-family: Arial;"> </span></font></p>
<div>
<div style="text-align: center;" align="center"><font face="Times New Roman" size="3"><span style="font-size: 12pt;">
<hr align="center" size="2" width="100%">
</span></font></div>
<p><b><font face="Tahoma" size="2"><span style="font-weight: bold; font-size: 10pt; font-family: Tahoma;">From:</span></font></b><font face="Tahoma" size="2"><span style="font-size: 10pt; font-family: Tahoma;"> <a href="mailto:nagios-users-bounces@lists.sourceforge.net" target="_blank">nagios-users-bounces@lists.sourceforge.net</a> [mailto:<a href="mailto:nagios-users-bounces@lists.sourceforge.net" target="_blank">nagios-users-bounces@lists.sourceforge.net</a>] <b><span style="font-weight: bold;">On Behalf Of </span></b>manju a<br>
<b><span style="font-weight: bold;">Sent:</span></b> Friday, February 22, 2008 1:30 AM<br><b><span style="font-weight: bold;">To:</span></b> Anthony Montibello<br><b><span style="font-weight: bold;">Cc:</span></b> <a href="mailto:Nagios-users@lists.sourceforge.net" target="_blank">Nagios-users@lists.sourceforge.net</a><br>
<b><span style="font-weight: bold;">Subject:</span></b> Re: [Nagios-users] NC_Net nagios client to monitor Event logs onwindows</span></font></p></div>
<div>
<div></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">Hi,</span></font></p>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><br>Thanks a lot for your replay. <br><br>when i copied to the libexec folder i got the below error, i know this is not a command soo shell is not able to recognize it.<br>
<br>[root@nagios libexec]# ./check_nt.c<br>./check_nt.c: line 1: /*********************************************************<br>: No such file or directory<br>./check_nt.c: line 2: check_apt: command not found<br>: command not found3: *<br>
./check_nt.c: line 4: check_apt: command not found<br>./check_nt.c: line 5: check_apt: command not found<br>./check_nt.c: line 6: check_apt: command not found<br>: command not found7: *<br>./check_nt.c: line 8: check_apt: command not found<br>
./check_nt.c: line 9: check_apt: command not found<br>./check_nt.c: line 10: syntax error near unexpected token `('<br>./check_nt.c: line 10: ` * Copyright (c) 2007 TOny Montibello (<a href="mailto:tony@MontiTech.co" target="_blank">tony@MontiTech.co</a><br>
')<br><br>can you please let me know how we can recomplie check_nt.c plugins. <br><br>thanks<br>manjunath A.</span></font></p>
<div>
<div>
<p style="margin-bottom: 12pt;"><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><br><br></span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">On Fri, Feb 22, 2008 at 5:12 AM, Anthony Montibello <<a href="mailto:amontibello@gmail.com" target="_blank">amontibello@gmail.com</a>> wrote:</span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">HI,</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><br>THe problem is your version of check_nt</span></font></p></div>
<div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">>>"where check_nt is default plugin which will come with the nagios installation."</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">You need to compile check_nc_net.c</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">to do this, copy the check_nc_net.c to check_nt.c </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">then recompile the plugins</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">check_nc_net.c is in the install location of NC_Net as well as downloadable seperatly from </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><a href="http://downloads.sourceforge.net/nc-net/check_nc_net_040107.zip?modtime=1175541733&big_mirror=0&filesize=17953" target="_blank">http://downloads.sourceforge.net/nc-net/check_nc_net_040107.zip?modtime=1175541733&big_mirror=0&filesize=17953</a></span></font></p>
</div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">However please use the eventlog_new command -(See the help of check_nc_net) </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">It is a more efficient check than eventlog</span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">TOny (Author of NC_NEt)</span></font></p></div>
<div>
<div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">On Thu, Feb 21, 2008 at 1:00 AM, manju a <<a href="mailto:manju.kudu@gmail.com" target="_blank">manju.kudu@gmail.com</a>> wrote:</span></font></p>
</div></div>
<blockquote style="border-style: none none none solid; border-color: -moz-use-text-color; border-width: medium medium medium 1pt; padding: 0in 0in 0in 6pt; margin-left: 4.8pt; margin-right: 0in;">
<div>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">Hi,<br><br>sorry it was my mistake while typing, yes i replaced any5 with 5.... same problem!!! please help me on this<br><br>thanks<br>manjunath A. </span></font></p>
<div>
<div>
<p style="margin-bottom: 12pt;"><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><br><br></span></font></p>
<div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">On Wed, Feb 20, 2008 at 8:30 PM, Edgar Matzinger <<a href="mailto:Edgar.Matzinger@valid.nl" target="_blank">Edgar.Matzinger@valid.nl</a>> wrote:</span></font></p>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">Hi Manju,</span></font></p>
<div>
<p style="margin-bottom: 12pt;"><font face="Times New Roman" size="3"><span style="font-size: 12pt;"><br>><br>> [root@nagios libexec]# ./check_nt -H windowsmachine -p 1248<br>> -v EVENTLOG -l any,any,any5,0,0,0 -w 5 -c 10<br>
> check_nt: Could not parse arguments</span></font></p></div>
<p style="margin-bottom: 12pt;"><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> and if you replace "any5" with "5"?<br><br>HTH, cu l8r, Edgar.<br>--<br> |\ /| : : Addr: Valid Eindhoven B.V.<br>
/ | \/ | : Edgar R. Matzinger : t.a.v. E.R.<br>Matzinger<br>/ | | : : Paradijslaan 36<br>\ /| /\| : : 5611 KN Eindhoven<br>
\/ / \ : Valid Eindhoven BV :<br> \ /\ / : :<br> \/ |\/ : :<br> | : :<br>Disclaimer: Any comments, opinions made are mine, etc ...</span></font></p>
</div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div></div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div></div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;">-------------------------------------------------------------------------<br>This SF.net email is sponsored by: Microsoft<br>Defy all challenges. Microsoft(R) Visual Studio 2008.<br>
<a href="http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/" target="_blank">http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/</a><br>_______________________________________________<br>Nagios-users mailing list<br>
<a href="mailto:Nagios-users@lists.sourceforge.net" target="_blank">Nagios-users@lists.sourceforge.net</a><br><a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a><br>
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.<br>::: Messages without supporting info will risk being sent to /dev/null</span></font></p></blockquote></div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div></div></div>
<p><font face="Times New Roman" size="3"><span style="font-size: 12pt;"> </span></font></p></div></div></div></div><br>-------------------------------------------------------------------------<br>This SF.net email is sponsored by: Microsoft<br>
Defy all challenges. Microsoft(R) Visual Studio 2008.<br><a href="http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/" target="_blank">http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/</a><br>_______________________________________________<br>
Nagios-users mailing list<br><a href="mailto:Nagios-users@lists.sourceforge.net" target="_blank">Nagios-users@lists.sourceforge.net</a><br><a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a><br>
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.<br>::: Messages without supporting info will risk being sent to /dev/null<br></blockquote></div><br> </div></div><br>-------------------------------------------------------------------------<br>
This SF.net email is sponsored by: Microsoft<br>Defy all challenges. Microsoft(R) Visual Studio 2008.<br><a href="http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/" target="_blank">http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/</a><br>
_______________________________________________<br>Nagios-users mailing list<br><a href="mailto:Nagios-users@lists.sourceforge.net" target="_blank">Nagios-users@lists.sourceforge.net</a><br><a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a><br>
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.<br>::: Messages without supporting info will risk being sent to /dev/null<br></blockquote></div><br></span></div></blockquote></div>
<br>
</div></div></blockquote></div><br></div></div></blockquote></div><br>
</div></div></blockquote></div><br>