NSClient++ Help (#1) - EventLog monitoring. (#440) - Message List

EventLog monitoring.

Hi Mickem,

I was wondering regarding the following..

In the ini file I've defined:

filter+severity==error
filter-severity==success
filter-severity==informational

So I want to get ONLY errors, NO success and NO informational.

I'm getting notifications about System (which is also defined with application and that is ok) informational messages "The system uptime is X seconds" which are not supposed to appear because they were supposed to be filtered.

My question is:

The source of these messages is Source=eventlog (this can be seen in the event viewer).

If it is from this source, does that disable the definitions in the ini since it's from the eventlog? And if the answer is yes, how can I define that it will only give me errors/critical and not information (even if it has the eventlog source)?

Thank you for all your help within the last days (forum posts and chats).

  • Message #1374

    Humm...

    Let's recap what I understand:

    you have filter-severity==informational

    And you get a match for a "severity=informational" eventlog record in system?

    (Then you have something else wrong or something is broken, that should not happen.)

    You can enable eventlog debugging (very very verbose so you need a short date span, or preferably a close to empty eventlog).

    I would have to look into this myself to dig deeper.

    Michael Medin

    • Message #1375

      Hello,

      If you can, it would be great.

      As I mentioned, it's the same command from the ini file and with the filter severity I gave.

      If the problem exists on other machines and other event logs, then this is something more generic that needs more exploration.

      • Message #1400

        If someone has tested it, please post your findings since I have no progress with this.

        • Message #1407

          I have the same issue. It seems that this event has a Type of info, but a Severity of error (i.e. not informational). I don't know where the severity levels come from as this doesn't seem to be in the eventlog information itself. Could someone clarify how Severity is calculated please?

          • Message #1408

            Just checked the source code and it seems that Severity means EventID > 30

            inline DWORD severity() const { return (pevlr_->EventID>>30); }
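Added example (not part of the thread and not NSClient++ code): the snippet in message #1408 shifts the 32-bit event identifier right by 30 bits, which yields the two-bit severity field of the Windows event-identifier layout, a value stored separately from the record's EventType. The sketch below decodes both for constructed records and flags the ones where the two disagree, which is the situation message #1407 describes; the struct, helper names and sample identifiers are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

// Simplified stand-in for the two EVENTLOGRECORD fields that matter here
// (assumption: not the Windows struct and not NSClient++'s wrapper class).
struct Record { uint32_t event_id; uint16_t event_type; };

// EventType values as defined in winnt.h (EVENTLOG_*_TYPE).
constexpr uint16_t TYPE_SUCCESS = 0x0000, TYPE_ERROR = 0x0001,
                   TYPE_WARNING = 0x0002, TYPE_INFO  = 0x0004;

// Event identifier layout: Sev(31-30) C(29) R(28) Facility(27-16) Code(15-0).
inline uint32_t severity(const Record &r) { return r.event_id >> 30; }
inline uint32_t code(const Record &r)     { return r.event_id & 0xFFFFu; }

const char *severity_name(uint32_t sev) {
    static const char *names[] = {"success", "informational", "warning", "error"};
    return names[sev & 3];
}

const char *type_name(uint16_t type) {
    switch (type) {
        case TYPE_SUCCESS: return "success";
        case TYPE_ERROR:   return "error";
        case TYPE_WARNING: return "warning";
        case TYPE_INFO:    return "informational";
        default:           return "other";   // audit success/failure etc.
    }
}

// True when a filter on severity would see something different from the
// EventType stored in the same record.
bool type_severity_mismatch(const Record &r) {
    return std::strcmp(type_name(r.event_type), severity_name(severity(r))) != 0;
}

int main() {
    // Constructed sample records, not taken from a real event log.
    const Record samples[] = {
        {0x40000064u, TYPE_INFO},   // severity bits say informational
        {0xC0000064u, TYPE_INFO},   // severity bits say error
        {0x00000064u, TYPE_INFO},   // severity bits say success
    };
    for (const Record &r : samples)
        std::printf("code=%u type=%-13s severity=%-13s %s\n", (unsigned)code(r),
                    type_name(r.event_type), severity_name(severity(r)),
                    type_severity_mismatch(r) ? "MISMATCH" : "ok");
    return 0;
}
```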
