<div>Just a quick note, </div>
<div> </div>
<div>Yes NC_NEt can monitor Window Eventr logs, as well as WMI, Run scripts and all the other CHECK_NT commands (and more) </div>
<div>However it is hosted on SourceForge: <a href="http://sourceforge.net/projects/nc-net">http://sourceforge.net/projects/nc-net</a></div>
<div>the new (Finally done testing) version will be released hopefully this week.</div>
<div> </div>
<div>Tony (Author of NC_NEt)<br><br></div>
<div class="gmail_quote">On Tue, Jun 24, 2008 at 10:52 AM, Rene Fertig <<a href="mailto:me@renux.de">me@renux.de</a>> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Hello Michael.<br>
<div class="Ih2E3d"><br>Michael Dalton wrote:<br>> I am using Fedora 6 with nagios 2.9 monitoring multiple windows 2003<br>> servers. I have looked on the message boards for a solution and have not<br>> come up with one.<br>
><br>> What I would like to do is monitor a specific windows event.....event<br>> id=55....(a disc failure or beginning to fail).<br>><br>> Has anyone else done this?<br><br></div>I've just done this. There are several ways. You can use NC_Net<br>
(<a href="http://shatterit.com/nc_net/" target="_blank">http://shatterit.com/nc_net/</a>) which has the ability to monitor the eventlog.<br>But I haven't tested it.<br><br>I'm using Logparser 2.2<br>(<a href="http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en" target="_blank">http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07&displaylang=en</a>)<br>
which parses the eventlog for some IDs, e.g.:<br><br>logparser "SELECT * FROM System where EventID IN(500;501;503;509;510)" -i:EVT<br>-o:csv > "c:\Programme\Log Parser 2.2\output.csv"<br><br>One can use FIND to look if one of the IDs was found. I do this with the<br>
following batch/cmd file which is called itself by NRPE_NT (see<br>Nagios-Exchange):<br><br>@ECHO OFF<br>"C:\Programme\Log Parser 2.2\logparser" "SELECT * FROM System where EventID<br>IN(500;501;503;509;510)" -i:EVT -o:csv > d:\Logparser\output.csv<br>
FIND "Elements output: 0" "C:\Programme\Log Parser 2.2\output.csv" > NUL<br>IF %ERRORLEVEL% GTR 0 (<br> REM FIND "System," "C:\Programme\Log Parser 2.2\output.csv"<br> echo Fehlermeldung im System-Eventlog gefunden<br>
exit 1<br>)<br>echo OK<br>exit 0<br><br>Probably using NC_Net is much smarter but I did it this way, since we already<br>use NRPE_NT on this server.<br><br>Greetings, Rene<br><font color="#888888"><br>--<br>Tipps & Tricks für Linux, MySQL & Webdesign<br>
-> <a href="http://home.telebel.de/~referti/blog/" target="_blank">http://home.telebel.de/~referti/blog/</a><br></font>
<div>
<div></div>
<div class="Wj3C7c"><br>-------------------------------------------------------------------------<br>Check out the new SourceForge.net Marketplace.<br>It's the best place to buy or sell services for<br>just about anything Open Source.<br>
<a href="http://sourceforge.net/services/buy/index.php" target="_blank">http://sourceforge.net/services/buy/index.php</a><br>_______________________________________________<br>Nagios-users mailing list<br><a href="mailto:Nagios-users@lists.sourceforge.net">Nagios-users@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a><br>::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.<br>
::: Messages without supporting info will risk being sent to /dev/null</div></div></blockquote></div><br>