Hi all,
I'm having problems getting client side filtering of the windows event logs to work. I try to filter out events with Severity "Information" (1) on the client side.
My item key is defined as follows:
eventlog[Security,,@no_information_severity]
@no_information_severity maps to the following regexp:
[^1]
It seems like everything is filtered out now, I'm not receiving any events on the zabbix server. Using only eventlog[Security] works fine, it just produces too many events.
I find this hard to debug, as I cannot find anything in the zabbix agent logs about the regexp matching or filtering.
I'd be grateful for any suggestions on how to make this work.
I'm having problems getting client side filtering of the windows event logs to work. I try to filter out events with Severity "Information" (1) on the client side.
My item key is defined as follows:
eventlog[Security,,@no_information_severity]
@no_information_severity maps to the following regexp:
[^1]
It seems like everything is filtered out now, I'm not receiving any events on the zabbix server. Using only eventlog[Security] works fine, it just produces too many events.
I find this hard to debug, as I cannot find anything in the zabbix agent logs about the regexp matching or filtering.
I'd be grateful for any suggestions on how to make this work.
Comment