Ad Widget

Collapse

How to monitor Windows Event Log with eventlog item?

Collapse
This topic has been answered.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • mtpumpkin
    Junior Member
    • Jul 2018
    • 9
    #1

    How to monitor Windows Event Log with eventlog item?

    Dear all,
    I setup zabbix agent on AD pc and turn on security audit, then I create a template just for monitoring windows event log from that AD. I tried many item that I collect from the internet but no ones work althought the connection is okay and others data are showed normally. I just want to monitor event about user logon/logoff. Any ideas?
    Thanks all.

    Click image for larger version Name: Screenshot_1.jpg Views: 10075 Size: 59.4 KB ID: 392425
    Click image for larger version Name: Screenshot_2.jpg Views: 9508 Size: 22.9 KB ID: 392426

    Click image for larger version Name: Screenshot_3.jpg Views: 9626 Size: 65.3 KB ID: 392427
    Tags: active directory, eventlog windows
    • Answer selected by vijayk at 25-09-2023, 12:38.
      vijayk
      Senior Member
      • May 2023
      • 305
      Originally posted by nczaw
      FYI for snap
      eventlog[Security,,,,^4625,,skip]

      Use this
        • Selected Answer

        Comment

        • mtpumpkin
          Junior Member
          • Jul 2018
          • 9
          #2
          Done

          fill
          Server = Zabbix Server IP
          ActiveServer = Zabbix Server IP
          Hostname = FQDN of host
          Close topic here

            Comment

            • nczaw
              Member
              • Sep 2023
              • 31
              #3
              Hi mtpumpkin,
              Could you please this issue solution detail ? Now i faced with same issue.

                Comment

                • vijayk
                  Senior Member
                  • May 2023
                  • 305
                  #4
                  Originally posted by nczaw
                  Hi mtpumpkin,
                  Could you please this issue solution detail ? Now i faced with same issue.
                  Edit Zabbix Agent config with

                  Server = Zabbix Server IP
                  ActiveServer = Zabbix Server IP
                  Hostname = FQDN of host​

                    Comment

                    • nczaw
                      #4.1
                      nczaw commented
                      25-09-2023, 09:20
                      Editing a comment
                      Hi Vijayk,
                      Thanks a lot for your reply and i configured one new item "eventlog[Security,,,,4725,,]" but when i checked at zabbix tools for this item task no any activity and log coming . I tried with many way. Could you please share me detail process of this log integrations.
                    • vijayk
                      Senior Member
                      • May 2023
                      • 305
                      #5
                      Use "eventlog[Security,,,,^4725,,skip]"

                        Comment

                        • nczaw
                          Member
                          • Sep 2023
                          • 31
                          #6
                          FYI for snap
                          Attached Files

                            Comment

                            • vijayk
                              Senior Member
                              • May 2023
                              • 305
                              #7
                              Originally posted by nczaw
                              FYI for snap
                              eventlog[Security,,,,^4625,,skip]

                              Use this
                                • Selected Answer

                                Comment

                                Previous template Next
                                Working...