Zabbix Documentation 3.2

3.04.04.4 (current)| In development:5.0 (devel)| Unsupported:1.82.02.22.43.23.44.2Guidelines

User Tools

Site Tools


manual:config:items:itemtypes:zabbix_agent:win_keys

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
manual:config:items:itemtypes:zabbix_agent:win_keys [2015/09/30 08:36]
martins-v link from 'eventlog' to log monitoring page
manual:config:items:itemtypes:zabbix_agent:win_keys [2018/11/13 06:33] (current)
martins-v more precise wording
Line 9: Line 9:
 | ||||| | |||||
 ^eventlog[name,<​regexp>,<​severity>,<​source>,<​eventid>,<​maxlines>,<​mode>​] ​           ||||| ^eventlog[name,<​regexp>,<​severity>,<​source>,<​eventid>,<​maxlines>,<​mode>​] ​           |||||
-^ |Event log monitoring. ​ |Log  |**name** - name of event log\\ **regexp** - regular expression describing the required pattern\\ **severity** - regular expression describing severity\\ This parameter accepts the following values: "//​Information//",​ "//​Warning//",​ "//​Error//",​ "//​Critical//",​ "//​Verbose//"​ (since Zabbix 2.2.0 running on Windows Vista or newer)\\ **source** - regular expression describing source identifier (regular expression is supported since Zabbix 2.2.0)\\ **eventid** - regular expression describing the event identifier(s)\\ **maxlines** - maximum number of new lines per second the agent will send to Zabbix server or proxy. This parameter overrides the value of '​MaxLinesPerSecond'​ in [[manual:​appendix:​config:​zabbix_agentd_win|zabbix_agentd.win.conf]]\\ **mode** - possible values:\\ //all// (default), //skip// - skip processing of older data (affects only newly created items). ​ |The item must be configured as an [[manual:​appendix:​items:​activepassive#​active_checks|active check]].\\ \\ Examples:\\ => eventlog[Application]\\ => <​nowiki>​eventlog[Security,,"​Failure Audit",,​^(529|680)$]</​nowiki>​\\ => <​nowiki>​eventlog[System,,"​Warning|Error"​]</​nowiki>​\\ => <​nowiki>​eventlog[System,,,,​^1$]</​nowiki>​\\ => <​nowiki>​eventlog[System,,,,​@TWOSHORT]</​nowiki>​ - here a [[manual:​regular_expressions|custom regular expression]] named **TWOSHORT** is referenced (defined as a **Result is TRUE** type, the expression itself being **^1$|^70$**).\\ \\ The ''​mode''​ parameter is supported since Zabbix 2.0.0.\\ "​Windows Eventing 6.0" is supported since Zabbix 2.2.0.\\ \\ Note that selecting a non-Log [[:​manual/​config/​items/​item#​configuration|type of information]] for this item will lead to the loss of local timestamp, as well as log severity and source information.\\ \\ See also additional information on [[:​manual/​config/​items/​itemtypes/​log_items|log monitoring]]. ​ |+^ |Event log monitoring. ​ |Log  |**name** - name of event log\\ **regexp** - regular expression describing the required pattern\\ **severity** - regular expression describing severity\\ This parameter accepts the following values: "//​Information//",​ "//​Warning//",​ "//​Error//",​ "//​Critical//",​ "//​Verbose//"​ (since Zabbix 2.2.0 running on Windows Vista or newer)\\ **source** - regular expression describing source identifier (regular expression is supported since Zabbix 2.2.0)\\ **eventid** - regular expression describing the event identifier(s)\\ **maxlines** - maximum number of new lines per second the agent will send to Zabbix server or proxy. This parameter overrides the value of '​MaxLinesPerSecond'​ in [[manual:​appendix:​config:​zabbix_agentd_win|zabbix_agentd.win.conf]]\\ **mode** - possible values:\\ //all// (default), //skip// - skip processing of older data (affects only newly created items). ​ |The item must be configured as an [[manual:​appendix:​items:​activepassive#​active_checks|active check]].\\ \\ Examples:\\ => eventlog[Application]\\ => <​nowiki>​eventlog[Security,,"​Failure Audit",,​^(529|680)$]</​nowiki>​\\ => <​nowiki>​eventlog[System,,"​Warning|Error"​]</​nowiki>​\\ => <​nowiki>​eventlog[System,,,,​^1$]</​nowiki>​\\ => <​nowiki>​eventlog[System,,,,​@TWOSHORT]</​nowiki>​ - here a [[manual:​regular_expressions|custom regular expression]] named ''​TWOSHORT'' ​is referenced (defined as a //Result is TRUE// type, the expression itself being ''​^1$|^70$''​).\\ \\ //Note// that the agent is unable to send in events from the %%"​Forwarded events"​%% log.\\ \\ The ''​mode''​ parameter is supported since Zabbix 2.0.0.\\ "​Windows Eventing 6.0" is supported since Zabbix 2.2.0.\\ \\ Note that selecting a non-Log [[:​manual/​config/​items/​item#​configuration|type of information]] for this item will lead to the loss of local timestamp, as well as log severity and source information.\\ \\ See also additional information on [[:​manual/​config/​items/​itemtypes/​log_items|log monitoring]]. ​ |
 | ||||| | |||||
 ^net.if.list ​           ||||| ^net.if.list ​           |||||
Line 18: Line 18:
 | ||||| | |||||
 ^proc_info[process,<​attribute>,<​type>​] ​    ||||| ^proc_info[process,<​attribute>,<​type>​] ​    |||||
-^ |Different ​information about specific process(es). ​ |Float ​ |**process** - process name\\ **attribute** - requested process attribute\\ **type** - representation type (meaningful when more than one process with the same name exists) ​ |The following ''​attributes''​ are supported:​\\ //vmsize// (default) - size of process virtual memory in Kbytes\\ //wkset// - size of process working set (amount of physical memory used by process) in Kbytes\\ //pf// - number of page faults\\ //ktime// - process kernel time in milliseconds\\ //utime// - process user time in milliseconds\\ //​io_read_b//​ - number of bytes read by process during I/O operations\\ //​io_read_op//​ - number of read operation performed by process\\ //​io_write_b//​ - number of bytes written by process during I/O operations\\ //​io_write_op//​ - number of write operation performed by process\\ //​io_other_b//​ - number of bytes transferred by process during operations other than read and write operations\\ //​io_other_op//​ - number of I/O operations performed by process, other than read and write operations\\ //gdiobj// - number of GDI objects used by process\\ //userobj// - number of USER objects used by process\\ \\ Valid ''​types''​ are:\\ //avg// (default) - average value for all processes named <​process>​\\ //min// - minimum value among all processes named <​process>​\\ //max// - maximum value among all processes named <​process>​\\ //sum// - sum of values for all processes named <​process>​\\ \\ Examples:\\ => proc_info[iexplore.exe,​wkset,​sum] - to get the amount of physical memory taken by all Internet Explorer processes\\ => proc_info[iexplore.exe,​pf,​avg] - to get the average number of page faults for Internet Explorer processes\\ \\ Note that on a 64-bit system, a 64-bit Zabbix agent is required for this item to work correctly.\\ \\ Note: //io_*//, //gdiobj// and //userobj// attributes are available only on Windows 2000 and later versions of Windows, not on Windows NT 4.0.  |+^ |Various ​information about specific process(es). ​ |Float ​ |**process** - process name\\ **attribute** - requested process attribute\\ **type** - representation type (meaningful when more than one process with the same name exists) ​ |The following ''​attributes''​ are supported:​\\ //vmsize// (default) - size of process virtual memory in Kbytes\\ //wkset// - size of process working set (amount of physical memory used by process) in Kbytes\\ //pf// - number of page faults\\ //ktime// - process kernel time in milliseconds\\ //utime// - process user time in milliseconds\\ //​io_read_b//​ - number of bytes read by process during I/O operations\\ //​io_read_op//​ - number of read operation performed by process\\ //​io_write_b//​ - number of bytes written by process during I/O operations\\ //​io_write_op//​ - number of write operation performed by process\\ //​io_other_b//​ - number of bytes transferred by process during operations other than read and write operations\\ //​io_other_op//​ - number of I/O operations performed by process, other than read and write operations\\ //gdiobj// - number of GDI objects used by process\\ //userobj// - number of USER objects used by process\\ \\ Valid ''​types''​ are:\\ //avg// (default) - average value for all processes named <​process>​\\ //min// - minimum value among all processes named <​process>​\\ //max// - maximum value among all processes named <​process>​\\ //sum// - sum of values for all processes named <​process>​\\ \\ Examples:\\ => proc_info[iexplore.exe,​wkset,​sum] - to get the amount of physical memory taken by all Internet Explorer processes\\ => proc_info[iexplore.exe,​pf,​avg] - to get the average number of page faults for Internet Explorer processes\\ \\ Note that on a 64-bit system, a 64-bit Zabbix agent is required for this item to work correctly.\\ \\ Note: //io_*//, //gdiobj// and //userobj// attributes are available only on Windows 2000 and later versions of Windows, not on Windows NT 4.0.  |
 | ||||| | |||||
 ^service.discovery ​ ^^^^^  ​ ^service.discovery ​ ^^^^^  ​
-^ |List of Windows services. Used for low-level discovery. ​ |JSON object ​ |  |Supported since Zabbix agent version 3.0. |+^ |List of Windows services. Used for [[:​manual/​discovery/​low_level_discovery#​discovery_of_windows_services|low-level discovery]].  |JSON object ​ |  |Supported since Zabbix agent version 3.0. |
 | ||||| | |||||
 ^service.info[service,<​param>​] ​           ||||| ^service.info[service,<​param>​] ​           |||||
Line 31: Line 31:
 ^wmi.get[<​namespace>,<​query>​] ​         ||||| ^wmi.get[<​namespace>,<​query>​] ​         |||||
 ^ |Execute WMI query and return the first selected object. ​ |Integer, float, string or text (depending on the request) ​ | **namespace** - WMI namespace\\ **query** - WMI query returning a single object\\ ​ | Example:\\ => wmi.get[root\cimv2,​select status from Win32_DiskDrive where Name like '​%PHYSICALDRIVE0%'​] - returns the status of the first physical disk.\\ \\ This key is supported since Zabbix 2.2.0. ​ | ^ |Execute WMI query and return the first selected object. ​ |Integer, float, string or text (depending on the request) ​ | **namespace** - WMI namespace\\ **query** - WMI query returning a single object\\ ​ | Example:\\ => wmi.get[root\cimv2,​select status from Win32_DiskDrive where Name like '​%PHYSICALDRIVE0%'​] - returns the status of the first physical disk.\\ \\ This key is supported since Zabbix 2.2.0. ​ |
 +| |||||
 +^vm.vmemory.size[<​type>​] ​         |||||
 +^ | Virtual memory size in bytes or in percentage from total. | Integer - for bytes\\ \\ Float - for percentage | **type** - possible values:\\ //​available//​ (available virtual memory), //​pavailable//​ (available virtual memory, in percent), //pused// (used virtual memory, in percent), //total// (total virtual memory, default), //used// (used virtual memory) | Example:\\ => vm.vmemory.size[pavailable] -> available virtual memory, in percentage\\ \\ Monitoring of virtual memory statistics is based on:\\ * Total virtual memory on Windows (total physical + page file size);\\ * The maximum amount of memory Zabbix agent can commit;\\ * The current committed memory limit for the system or Zabbix agent, whichever is smaller.\\ \\ This key is supported since Zabbix 3.2.3. ​ |
  
 === Monitoring Windows services === === Monitoring Windows services ===