| Version 28 (modified by trac, 11 months ago) (diff) |
|---|
TracNav
Documentation
Guides
Information
Sponsoring
Modules
- overview
Checks and commands
- overview
CauseCrashes
CheckNSCP
CheckDisk
CheckLogFile
CheckEventLog
CheckSystem
CheckHelpers
- overview
- check_always_ok
- check_always_critical
- check_always_warning
- check_ok
- check_critical
- check_warning
- check_multi
- check_version
- check_timeout
- check_negate
CheckTaskSched
CheckTaskSched2
CheckWMI
Scripting Languages?
Servers and protocols?
- overview?
check_nrpe (NRPE Server)
check_nrpe (NRPE Client)
check_nt (NSClient Server)
check_nt (NSClient Client)?
NSCA (NSCA Server)
NSCA (NSCA Client)
NRDP (NRDP Client)
check_mk (CheckMK Server)
check_mk (CheckMK Client)
graphite (Graphite Client)
SMTP (SMTP Client)
syslog (Syslog Client)
Utilities and tools?
Donate
Event log Checker.
Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
Queries (commands)
- checkeventlogcache? Check for errors in the event logger!
- check_eventlog_cache? Check for errors in the event logger!
- checkeventlog? Check for errors in the event logger!
- check_eventlog Check for errors in the event logger!
Commands (executable)
TODO: Add command list
Configuration
CONFIGURE REALTIME CHECKING
A set of options to configure the real time checks
Section: /settings/eventlog/real-time
Keys:
| Key | Title | Description |
| log | LOGS TO CHECK | Coma separated list of logs to check |
| enabled | REAL TIME CHECKING | Spawns a backgrounnd thread which detects issues and reports them back instantly. |
| maximum age | MAGIMUM AGE | How long before reporting "ok" (if this is set to off no ok will be reported only errors) |
| startup age | STARTUP AGE | The initial age to scan when starting NSClient++ |
| enable active | ENABLE ACTIVE MONITORING | This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache?). |
| debug | DEBUG | Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. |
LOGS TO CHECK
Description: Coma separated list of logs to check
Key: log
Default value: application
Sample:
# LOGS TO CHECK # Coma separated list of logs to check [/settings/eventlog/real-time] log=application
REAL TIME CHECKING
Description: Spawns a backgrounnd thread which detects issues and reports them back instantly.
Key: enabled
Default value: 0
Sample:
# REAL TIME CHECKING # Spawns a backgrounnd thread which detects issues and reports them back instantly. [/settings/eventlog/real-time] enabled=0
MAGIMUM AGE
Description: How long before reporting "ok" (if this is set to off no ok will be reported only errors)
Key: maximum age
Default value: 5m
Sample:
# MAGIMUM AGE # How long before reporting "ok" (if this is set to off no ok will be reported only errors) [/settings/eventlog/real-time] maximum age=5m
STARTUP AGE
Description: The initial age to scan when starting NSClient++
Key: startup age
Default value: 30m
Sample:
# STARTUP AGE # The initial age to scan when starting NSClient++ [/settings/eventlog/real-time] startup age=30m
ENABLE ACTIVE MONITORING
Description: This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache?).
Key: enable active
Default value: 0
Sample:
# ENABLE ACTIVE MONITORING # This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache). [/settings/eventlog/real-time] enable active=0
DEBUG
Description: Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
Key: debug
Default value: 0
Sample:
# DEBUG # Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. [/settings/eventlog/real-time] debug=0
REALTIME FILTERS
A set of filters to use in real-time mode
Section: /settings/eventlog/real-time/filters
EVENT LOG SECTION
Section for the EventLog? Checker (CheckEventLog.dll).
Section: /settings/eventlog
Keys:
| Key | Title | Description |
| debug | DEBUG | Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. |
| lookup names | LOOKUP NAMES | Lookup the names of eventlog files |
| buffer size | BUFFER_SIZE | The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. |
| syntax | SYNTAX | Set this to use a specific syntax string for all commands (that don't specify one). |
DEBUG
Description: Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
Key: debug
Default value: 0
Sample:
# DEBUG # Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. [/settings/eventlog] debug=0
LOOKUP NAMES
Description: Lookup the names of eventlog files
Key: lookup names
Default value: 1
Sample:
# LOOKUP NAMES # Lookup the names of eventlog files [/settings/eventlog] lookup names=1
BUFFER_SIZE
Description: The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
Key: buffer size
Default value: 131072
Sample:
# BUFFER_SIZE # The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. [/settings/eventlog] buffer size=131072
SYNTAX
Description: Set this to use a specific syntax string for all commands (that don't specify one).
Key: syntax
Sample:
# SYNTAX # Set this to use a specific syntax string for all commands (that don't specify one). [/settings/eventlog] syntax=
