<div>Thanks Kevin/Mat/Jel and Ron.</div>
<div> </div>
<div>I will try them and take which one suits best.<br><br></div>
<div class="gmail_quote">On Tue, Jul 27, 2010 at 1:49 AM, Mathew Walker <span dir="ltr"><<a href="mailto:lmw94002@hotmail.com">lmw94002@hotmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>I use: <a href="http://www.monitoringexchange.org/inventory/Check-Plugins/Operating-Systems/Windows/NagEventLog" target="_blank">http://www.monitoringexchange.org/inventory/Check-Plugins/Operating-Systems/Windows/NagEventLog</a><br>
<br>It works pretty good, and you can set it up to alert for specific errors or look for all and filter out fluff ones. I even went to far as to figure out the registry settings and push updates for the eventIDs to filter via GPO. Maybe not as glamourous, but it worked pretty good in our environment.<br>
<br>-- <br>Mat W. - <a href="http://www.techadre.com/" target="_blank">http://www.techadre.com</a><br><br><br> <br>
<hr>
From: <a href="mailto:subscription@kkeane.com" target="_blank">subscription@kkeane.com</a>
<div class="im"><br>To: <a href="mailto:nagios-users@lists.sourceforge.net" target="_blank">nagios-users@lists.sourceforge.net</a><br></div>Date: Sat, 24 Jul 2010 12:29:54 -0700
<div>
<div></div>
<div class="h5"><br>Subject: Re: [Nagios-users] effective use of NSClient++ Eventlog management<br><br>
<div>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d">I wrote my own event log management plugin because I didn’t find one that I liked. You can download it as part of the Sourceforge tntnagiosplugins project. It should work with NSClient++ (although admittedly I am not testing against that).</span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d">It reports critical and warning events on the specified host (it will exclude a number of events that are known to be harmless, for instance DCOM 10009 and about a dozen or so other ones).</span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d">The “top ten events” seems like interesting functionality, but doesn’t really fit very well into the Nagios philosophy. Nagios can ultimately only distinguish between OK, WARNING, CRITICAL. There are better tools for statistical analysis.</span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d">The collection of plugins also contains a separate plugin that reports on login errors.</span></p>
<p><span style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<div>
<div style="BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; PADDING-LEFT: 0in; PADDING-BOTTOM: 0in; BORDER-LEFT: medium none; PADDING-TOP: 3pt; BORDER-BOTTOM: medium none">
<p style="MARGIN-LEFT: 0.5in"><b><span style="FONT-SIZE: 10pt">From:</span></b><span style="FONT-SIZE: 10pt"> Ron Wilson [mailto:<a href="mailto:ron@tvnz.co.nz" target="_blank">ron@tvnz.co.nz</a>] <br><b>Sent:</b> Wednesday, July 21, 2010 3:52 PM<br>
<b>To:</b> Nagios Users List<br><b>Subject:</b> Re: [Nagios-users] effective use of NSClient++ Eventlog management</span></p></div></div>
<p style="MARGIN-LEFT: 0.5in"> </p>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ" style="FONT-SIZE: 11pt; COLOR: #1f497d">I have tried several times over the past year but never managed to get the check_eventlog working. If you have any success do tell us about it</span></p>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ" style="FONT-SIZE: 11pt; COLOR: #1f497d"> </span></p>
<div style="BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: medium none; PADDING-LEFT: 4pt; PADDING-BOTTOM: 0in; BORDER-LEFT: blue 1.5pt solid; PADDING-TOP: 0in; BORDER-BOTTOM: medium none">
<div>
<div style="BORDER-RIGHT: medium none; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid; PADDING-LEFT: 0in; PADDING-BOTTOM: 0in; BORDER-LEFT: medium none; PADDING-TOP: 3pt; BORDER-BOTTOM: medium none">
<p style="MARGIN-LEFT: 0.5in"><b><span style="FONT-SIZE: 10pt">From:</span></b><span style="FONT-SIZE: 10pt"> keshav murthy [mailto:<a href="mailto:nkeshav12@gmail.com" target="_blank">nkeshav12@gmail.com</a>] <br><b>Sent:</b> Wednesday, 21 July 2010 10:07 p.m.<br>
<b>To:</b> <a href="mailto:nagios-users@lists.sourceforge.net" target="_blank">nagios-users@lists.sourceforge.net</a><br><b>Subject:</b> [Nagios-users] effective use of NSClient++ Eventlog management</span></p></div></div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Dear all,</span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">We are moving from pnsclient to NSclient++ for all our windows client. We would like to use the Event log management available with NSClient++.</span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">We would like to do the following (if it is feasible)</span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Top Ten events in all the clients overall. </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Critical Event IDs on any server: We are looking for only the critical event ID's (like a AD account lockout event ID etc) to be captured and reported to the nagios server.</span></p>
</div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Have anybody started using this eventlog management effectively and what are your way of putting it in place.</span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ"> </span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Cheers</span></p></div>
<div>
<p style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">Keshav</span></p></div></div><pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">==========================================================</span></pre><pre style="MARGIN-LEFT: 0.5in">
<span lang="EN-NZ">For more information on the Television New Zealand Group, visit us</span></pre><pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">online at <a href="http://tvnz.co.nz/" target="_blank">tvnz.co.nz</a> </span></pre>
<pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">==========================================================</span></pre><pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">CAUTION: This e-mail and any attachment(s) contain information that</span></pre>
<pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">is intended to be read only by the named recipient(s). This information</span></pre><pre style="MARGIN-LEFT: 0.5in"><span lang="EN-NZ">is not to be used or stored by any other person and/or organisation.</span></pre>
</div><br></div></div>
<div class="hm">
<hr>
The New Busy is not the too busy. Combine all your e-mail accounts with Hotmail. <a href="http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4" target="_blank">Get busy.</a></div>
</div><br>------------------------------------------------------------------------------<br>The Palm PDK Hot Apps Program offers developers who use the<br>Plug-In Development Kit to bring their C/C++ apps to Palm for a share<br>
of $1 Million in cash or HP Products. Visit us here for more details:<br><a href="http://ad.doubleclick.net/clk;226879339;13503038;l" target="_blank">http://ad.doubleclick.net/clk;226879339;13503038;l</a>?<br><a href="http://clk.atdmt.com/CRS/go/247765532/direct/01/" target="_blank">http://clk.atdmt.com/CRS/go/247765532/direct/01/</a><br>
_______________________________________________<br>Nagios-users mailing list<br><a href="mailto:Nagios-users@lists.sourceforge.net">Nagios-users@lists.sourceforge.net</a><br><a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/nagios-users</a><br>
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.<br>::: Messages without supporting info will risk being sent to /dev/null<br></blockquote></div><br>