Hi,
I've stumbled on a part in the documentation that has interested me and I'm not quite sure if I understanded it correctly.
Is there a way to configure NetXMS to grab windows logs and filter them out to send some kind of notification (by E-mail it would be great)?
Does somebody have some kind of experience with this?
Thank you
Hi!
Yes, you can setup Windows event log monitoring. There is a documentation part on log monitoring: https://www.netxms.org/documentation/adminguide/log-monitoring.html (https://www.netxms.org/documentation/adminguide/log-monitoring.html). To specify event log instead of file, prefix event log name with asterisk, like this:
<file>*System</file>
to parse system event log.
Best regards,
Victor
Thanks for the reply
I've managed that, but the problem is that every error has the same name and description.
Is it possible to pull out the description from the Microsoft event viewer log (ID, general description for the error)
I've tried adding, combining macros http://wiki.netxms.org/wiki/UM:Event_Processing but no success.
Am I doing something wrong?
xml file
<parser>
<file>*Application</file>
<rules>
<rule>
<level>1</level>
<match>(.*)</match>
<event params="*">100005</event>
</rule>
</rules>
</parser>
Thank you
Hi!
Everything is correct except event tag - it should be
<event params="1">100005</event>
Value in params attribute should match number of capture groups in regular expression (1 in your case).
Best regards,
Victor
It worked.
Thanks
Nikola