When I use the elog.exe Nagios check, the --incOp part does not seem to work as
I would expect it to.
The command I am running is:
C:\Program Files\NRPE_NT\plugins\bin>elog --logs Application --include
Source:"BlackBerry Controller" --incOp And --include Description:"will not
restart" --period 7200 --timeout 30
The results I get are:
CRITICAL - Backup Exec(45828:2:3);BlackBerry Controller(0:457:13);BlackBerry
Messaging Agent IT-UTIL1 Agent 1(10:311:268);Windows Server Update
Services(21:21:1);BlackBerry Dispatcher IT-UTIL1(0:41:38);BlackBerry
Router(2:1:5);Application Hang(2:0...
I would expect this to find event log messages in the last 5 days that are in
the Application log, have a Source of "BlackBerry Controller", and have the
text "will not restart" in the Description. But what I seem to get is every
message in the last 5 days.
Can someone point out the flaw in my thinking or syntax, so I can get this
check working?
If I run the command with just the Source part, I get back an appropriate
number of messages, so all I wanted to do was filter that set a little more to
pull out messages with certain text.
command:
C:\Program Files\NRPE_NT\plugins\bin>elog --logs Application --include
"Source":"BlackBerry Controller" --period 7200 --timeout 30 -vv
results:
<snip>
11/13/2009 6:08:19 PM Warning None
BlackBerry Controller
The description for Event ID '-1342222410' in Source 'BlackBerry
Controller' cannot be found. The local computer may not have the necessary
registry information or message DLL files to display the message, or you may
not have permission to access them. The following information is part of the
event:''IT-UTIL1' agent 1: will not restart - reached the maximum of 10
restarts per 24 hours'
<snip>
Done
WARNING - BlackBerry Controller(0:457:13);
Oddly enough, the Event ID shown in the above message is NOT the Event ID shown
in the Event Viewer. That Event ID is 20406.
thanks,
John
John Patrick Carroll | Senior Systems Administrator
GovDelivery, Inc.
408 St. Peter St, Ste 600 | St Paul, MN 55102-1147
651.757.4124 or 866.276.5583 ext. 124
Resources
Website: www.govdelivery.com<http://www.govdelivery.com>
Blog: www.reachthepublic.com<http://www.reachthepublic.com>
Twitter: www.twitter.com/govdelivery<http://www.twitter.com/govdelivery>
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
