Hi Geier, hi Peter, hi List,
hm this doesn´t work:
"#########
Application:
default green 0 Application looks fine
Source=([^;]+);.*Severity=1: (.*) red 15 $1: serious
error: $2
Source=([^;]+);.*Severity=2: (.*) yellow 15 $1: error: $2
########### "
the rest looks like this:
"System:
default green 0 System looks fine
The (.*) disk is at or near capacity red 20 $1 fs full
Source=([^;]+);.*scsi red 15 $1: scsi error
Source=([^;]+);.*notice yellow 15 $1: notice
Source=([^;]+);.*warning yellow 15 $1: warning
Source=([^;]+);.*fatal yellow 15 $1: fatal error
Source=([^;]+);.*Severity=1: (.*) red 15 $1: serious error: $2
Source=([^;]+);.*Severity=2: (.*) yellow 15 $1: error: $2
#######################################################################
Security:
default green 0 Security looks fine
EventID=636;.*Source=([^;]+);.*Severity=8: (.*Target
Account\sID:\s*%\{.*S-1-5-32-544\}.*) red 15 $1: $2
EventID=637;.*Source=([^;]+);.*Severity=8: (.*Target
Account\sID:\s*%\{.*S-1-5-32-544\}.*) red 15 $1: $2
Source=([^;]+);.*Severity=1: (.*) red 15 $1: serious error: $2
Source=([^;]+);.*Severity=2: (.*) yellow 15 $1: error: $2
#########"
System and Security works fine. It´s a german Windows 2003 SBS Server
with Sp1.
Any ideas ?
Best regards
Michael
Peter Varlien schrieb:
> You probably would want the "default" entry to refer to the application
> log, rather than to "security".
> Presumably Geir did a cut and paste, and overlooked that detail. ;-)
>
> There is a lot of cool stuff you can di with the eventlog (Windows) and
> syslog (Unix/Linux) configuration files.
>
> Peter
>
> On Mon, 19 Mar 2007 09:57:31 +0100, Geir Skomsøy <suppressed>
> wrote:
>
>> suppressed wrote:
>>> Hi @all,
>>>
>>> i wonder if its possible to monitor the "application" eventlog under
>>> Windows. We use Win 2003 SBS SP1 and the BS Client Ver. 1_02. The
>>> problem is that the service "Microsoft Exchange Information Store
>>> service" is running fine, but there is some kind of error with the
>>> exchange server and the eventlog indicates that in the application
>>> eventlog but bs reports: "- System looks fine - Security looks fine".
>>> My uxmon-net:
>>> ...
>>> localhost(a_different_display_name) eventlog
>>> ...
>>> Any ideas ?
>>>
>>
>> Add this to the etc/eventlog logfile:
>> #########
>> Application:
>> default green 0 Security looks fine
>> Source=([^;]+);.*Severity=1: (.*) red 15 $1: serious
>> error: $2
>> Source=([^;]+);.*Severity=2: (.*) yellow 15 $1: error: $2
>> ###########
>>
>> Add your own rules the same way you do with Security and System.
>>
>>
>> Geir
>>
>> -------------------------------------------------------------------------
>> Take Surveys. Earn Cash. Influence the Future of IT
>> Join SourceForge.net's Techsay panel and you'll get the chance to
>> share your
>> opinions on IT & business topics through brief surveys-and earn cash
>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>> _______________________________________________
>> Bigsister-general mailing list
>> suppressed
>> https://lists.sourceforge.net/lists/listinfo/bigsister-general
>>
>>
>
>
>
> --Peter Værlien
> Fritz Aabakkens vei 17, 7072 Heimdal, Norway
> Telephone: 917 69 384, E-Mail: suppressed,
> http://varlien.home.online.no
> It always takes a Clinton to clean up after a Bush - Hillary 2008
>
>
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bigsister-general mailing list
suppressed
https://lists.sourceforge.net/lists/listinfo/bigsister-general
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.