I have been working to write a good, extensive article on the wiki about using windows eventlog (and not only). Wait, but still not soon enough

I've just deleted all of my templates/triggers/items and recreated it exactly as in your screenshots.

Nothing changed at all.


Does the fact that my servers use french locale could cause issues ? (My event logs are named Application / Système / Sécurité)

I dream of a radio button in Zabbix named "Get windows logs". Why does every installation of Zabbix need to be customised for a very general case like Windows Servers...?

Hi

I tried to verify the template i have submitted before, and it seems there are two different templates...

So i exported the working one from my 1.8.2 system and imported it successfully to 1.8.3 test system.

Here is the version i imported.

Hi,

Thank you, this template imports very well. I've applied it to my windows hosts.

For now, I see no changes, no events are notified. Event if I generate some with :

Ok

Are you seeing any new data under "Latest data\EventViewer" ?

/s

No, I see nothing.
It's very strange, as your template is linked to all my windows hosts, and I see the items/triggers linked to it.

But in latest data, I can't see any data concerning events. (Maybe it's normal as nothing has been collected for now?).

is no problem with french locale.

heh. report here or privately for me you zabbix_agent.log with debuglevel=4
and if you can also report part of zabbix_server.log with debuglevel=4 +- 1minute where zabbix agent is starting.

Thank you very much for your help.

I've sent you a PM.

Hello all,

First I have to thank you for your help, especially zalex_ua.

It's now fully working.

The problem was in the configuration of zabbix server (/etc/zabbix/zabbix_server.conf). It seems the default configuration includes a line ListenIP=127.0.0.1. I've commented it out, and it's ok.


Thanks to the great community

Bumping this thread because I've found it the most useful to setting up Zabbix for eventlogs. However, I haven't been able to get it to work yet. I feel I'm mostly there, but I'm just missing some minor step.

I'm currently using Zabbix 2.0 appliance. The ListenIP line in the server config is commented out by default. I'm using the template provided in post #18.

In the agent config I have ServerActive pointing to my Zabbix server. I've tried multiple case combinations in attempts to get it to work.

The zabbix frontend simply tells me that no data has been collected yet for these items. Otherwise Zabbix reports on the monitored client normally.

The logfile on the agent shows the following:

4420:20121206:145508.292 In collect_perfstat()
4176:20121206:145509.057 Get active checks error: cannot connect to [[xxxxxxxxxxxx]:10051]: [0x0000274C] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
4176:20121206:145509.057 In process_active_checks('xxxxxxxxxxxxxx',10051)
4176:20121206:145509.057 End of process_active_checks()
4176:20121206:145509.057 In get_min_nextcheck()
4176:20121206:145509.057 In send_buffer() host:'xxxxxxxxxx' port:10051 values:0/100
4176:20121206:145509.057 End of send_buffer():SUCCEED
4176:20121206:145509.073 Sleeping for 1 second(s)
4420:20121206:145509.401 In collect_perfstat()
4176:20121206:145510.073 In send_buffer() host:'xxxxxxxxxxx' port:10051 values:0/100
4176:20121206:145510.073 End of send_buffer():SUCCEED
4176:20121206:145510.073 Sleeping for 1 second(s)
4420:20121206:145510.401 In collect_perfstat()
4176:20121206:145511.073 In send_buffer() host:'xxxxxxxxxx' port:10051 values:0/100
4176:20121206:145511.073 End of send_buffer():SUCCEED
etc.....

I'm happy to report that my problem was a combination of blatantly obvious things and stupid oversights on my part.

The first thing preventing me from getting active checks working was the firewall on the zabbix appliance. Even though the appliance has active checks enabled by default, the firewall still blocks them. Once I realized this and changed it, my first test box immediately started reporting.

The second problem was related to the way my second test box was set up. I had defined it as xxxx in the agent and zabbix config. This worked fine for the standard checks, but not the active checks. The active checks could not find xxxx. Once I redefined the box as xxxx.yyyy.com in the zabbix config and agent, it started working.