Thank you cstackpole for your investigations. Based on this, here is an example (cookbook) for everybody also struggling around with eventlog:
Type: ZABBIX agent (active) Key: eventlog[System] Type of information: Log
NOTE: In the CLIENT config file “Hostname=<host name>” MUST exist (and match the “Hostname” field on the Server) before eventlog will work. Also, ensure there is no “DisableActive=1” line.
({mypc:eventlog[System].logsource(W32Time)}=1)&({mypc:eventlog[System].str(synchronisiert)}=1)&({mypc:eventlog[System].nodata(30)}#1) you can add “logseverity()” the same way
Condition: Host = mypc; Trigger value = ON (when you only want one message) Message: {mypc:eventlog[System].last(0)}
(http://www.zabbix.com/forum/showpost.php?p=15170&postcount=6)
Item: perf_counter[$COUNTER]
On the windows system you can get the possible counter with the following command (at least Windows XP, Windows 2003): typeperf -qx
Enterprise Vault is an email journaling, file and email archiving solution from Symantec formerly Veritas designed for large/medium sized companies with a huge email volume handled by an MS environment. (Lotus Notes and several other Applications are also provided but i will focus on Exchange).
