Could NetXMS work with Windows Logs

Started by npoljak, April 07, 2014, 09:31:50 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

npoljak

April 07, 2014, 09:31:50 AM
Hi,

I've stumbled on a part in the documentation that has interested me and I'm not quite sure if I understanded it correctly.
Is there a way to configure NetXMS to grab windows logs and filter them out to send some kind of notification (by E-mail it would be great)?
Does somebody have some kind of experience with this?

Thank you

Victor Kirhenshtein

#1
April 09, 2014, 09:27:37 AM
Hi!

Yes, you can setup Windows event log monitoring. There is a documentation part on log monitoring: https://www.netxms.org/documentation/adminguide/log-monitoring.html. To specify event log instead of file, prefix event log name with asterisk, like this:

<file>*System</file>

to parse system event log.

Best regards,
Victor

npoljak

#2
April 29, 2014, 04:00:26 PM
Thanks for the reply

I've managed that, but the problem is that every error has the same name and description.
Is it possible to pull out the description from the Microsoft event viewer log (ID, general description for the error)

I've tried adding, combining macros http://wiki.netxms.org/wiki/UM:Event_Processing but no success.
Am I doing something wrong?

xml file

<parser>
<file>*Application</file>
  <rules>
    <rule>
      <level>1</level>
      <match>(.*)</match>
      <event params="*">100005</event>
    </rule>
  </rules>
</parser>

Thank you

Victor Kirhenshtein

#3
April 29, 2014, 07:23:23 PM
Hi!

Everything is correct except event tag - it should be

<event params="1">100005</event>

Value in params attribute should match number of capture groups in regular expression (1 in your case).

Best regards,
Victor

npoljak

#4
April 30, 2014, 11:34:50 AM
It worked.

Thanks
Nikola
Print
Go Up Pages1
User actions