check event log with check_wmi_plus

Question

Hi,I want to check for specific IDs in a windows server event log and raise a critical alert when there is at least one line with that event.I create this command $USER1$/check_wmi_plus.pl -H $HOSTADDRESS$ -A $WMIU$ -m checkeventlog -a Application -o 1 --inifile=/usr/lib/nagios/plugins/libexec/events.ini -4 $ARG1$  --warnings="*_Itemcount>0" --critical="*_Itemcount>=1"I have created a service attached to the host that I have to test but I have an ok result while there are 12 events.How to make the service critical when there is more than one event. Thank for your help

pnl · Accepted Answer

Hi,I found a solution, I modified the command :$USER1$/check_wmi_plus.pl -H $HOSTADDRESS$ -A $WMIU$ -m checkeventlog -a Application -o 1 --inifile=/usr/lib/nagios/plugins/libexec/events.ini -3 1 -4 $ARG1$  -c 1When there are one or more error events in the application log the service is critical.Best regards

Fabrix · Answer

Thanks for sharing the solution, you're spreading good karma in the community. I'm sure someone out there will benefit from it : )

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded