NetXMS Event Log Monitoring

Started by Tursiops, February 22, 2017, 02:45:53 AM


Tursiops

Hi,

I've started testing Windows Event Log monitoring via NetXMS.
Created a basic logwatch file looking for two particular backup-related events.
In general, this works ok - except sometimes the agent will just crash when a matching event is found.
The matching event is not recorded on the NetXMS server, but I can see the message in the Windows Event Log.
The agent at that point requires a manual restart, which works just fine.
I've automated the restart part and can confirm that any such crash occurs at the same time as one of the two backup messages is logged.
The same event an hour later then works fine.

I have been unable to find a pattern here; it seems completely random. An agent can run for days or just hours.
If the logwatch syntax was at fault, it should either not work or crash every time - but it doesn't.

Not sure if anyone else has seen something like this?

Cheers

Marco Incalcaterra

Quote from: Tursiops on February 22, 2017, 02:45:53 AM
Not sure if anyone else has seen something like this?

I'm using the LOGWATCH subagent to monitor both the standard Windows event log and custom event logs (I have one created by my application) and up to now I didn't notice that kind of behavior.

I'm currently on version 2.0.8 on both server and agents.

Marco.

mclifford

I am having the same issue. My agent will crash for no reason.

mclifford

I have been testing this the majority of the day today. I have been running the 64 bit version 2.1-M2. From what I can tell that agent is not stable. I switched to 64 bit version 2.0.8 and all seems stable.


Understand 2.1-M2 is an unstable beta release.

Tursiops

That would make sense then. We're using 2.1-M2 as well.

At present we detect when the Agent crashes and restart the service automatically.
(That doesn't always work either, as we also use quite a few ExternalParameters which call PowerShell. For some reason sometimes a PowerShell process will just keep running and lock port 4700. So when NetXMS stops, it can not start again until the PowerShell process in question is terminated. But that's probably a different issue to the Event Log one.)