Event log Windows

  • juveboss
    Junior Member
    • Dec 2015
    • 9

    #1

    Event log Windows

    Hello,

    I use triggers to monitor the Windows event log:

    {LOG:eventlog[Application].logseverity(4)}=4
    {LOG:eventlog[Security].logseverity(4)}=4
    {LOG:eventlog[System].logseverity(4)}=4

    The information does come back up in Zabbix, but I would like only the error or critical information and not all the information from the Windows event log.

    What must I change?

    Thanks...
  • BDiE8VNy
    Senior Member
    • Apr 2010
    • 680

    #2
    The trigger function logseverity() does not support any parameters.

    Instead try something like this:
    Code:
    {<server>:<key>.eventlog[Application].logseverity()} = 4 or {<server>:<key>.eventlog[Application].logseverity()} = 9
    Last edited by BDiE8VNy; 05-01-2016, 23:44. Reason: Edited expression to cover error and critical


    • tibo51
      Junior Member
      • Jan 2016
      • 17

      #3
      powershell

      Personally, I wrote a PowerShell script to monitor this, and I send information to Zabbix depending on the result of the log.
      Something like 1 for an error and 0 when it's OK.

      My aim in using a script is to monitor a lot of events.

      Hope I helped you.


      • juveboss
        Junior Member
        • Dec 2015
        • 9

        #4
        This is the message when I do the command:

        ##Incorrect trigger expression. Check expression part starting from "{<X.X.X.X>:<1>.eventlog[Application].logseverity()} = 9".


        Tibo51: Is it too much to ask you for the script? With an explanation? It's blocking me in my project ...


        • Erravandrhel
          Junior Member
          • Dec 2015
          • 14

          #5
          To monitor the Windows event log I have this:

          Item:

          Type: zabbix agent active
          Key eventlog[EVENTLOG_NAME]
          Type of information: LOG

          Trigger:

          {TEMPLATE_NAME:eventlog[EVENTLOG_NAME].logseverity(0)}=4 - for error
          {TEMPLATE_NAME:eventlog[EVENTLOG_NAME].logseverity(0)}=2 - for warning

          If you want to exclude some event ID from the trigger, you can do something like this:

          {_Template Windows Event Log:eventlog[Application].logseverity(0)}=4 & {_Template Windows Event Log:eventlog[Application].logeventid(1111)}=0

          It's a trigger that will inform me about errors in the Application log, but it won't inform me about errors with event ID 1111, because I don't need information about problems with printers via RDP connection.


          • tibo51
            Junior Member
            • Jan 2016
            • 17

            #6
            error disk

            Here is a sample of my code. This monitors disk errors:


            # Disk-related event IDs to watch for (the ones to report to Zabbix)
            $erreur_sys = "7","11","55"

            # Loop over each disk error ID in the list
            foreach ($erreur in $erreur_sys){
                Write-Host "#########################################################"
                # Query the Windows System event log for this ID over the last 24 hours
                # and store the result in a variable. Get-WinEvent raises an error when
                # nothing matches, so silence it and let $sys stay empty.
                $sys = Get-WinEvent -FilterHashtable @{logname='system'; id="$erreur"; StartTime=(get-date).AddDays(-1)} -ErrorAction SilentlyContinue
                # If nothing came back there are no errors; otherwise the log contains errors
                if ($null -eq $sys) {
                    write-host "$erreur : Il n'y a pas d'erreur" -foreground "green"
                    $erreur1 = 0
                    # Call operator (&) so zabbix_sender actually runs instead of being echoed as a string
                    & c:\zabbix\zabbix_sender.exe -z yourzabbixadress -s yourhostnameinzabbix -k thekeyyoucreated -o $erreur1
                }
                else{
                    write-host "$erreur : Il y a des erreurs" -foreground "red"
                    $erreur1 = 1
                    & c:\zabbix\zabbix_sender.exe -z yourzabbixadress -s yourhostnameinzabbix -k thekeyyoucreated -o $erreur1
                }
            }

            For my part, I have chosen to return "1" for an error and "0" when it's OK.

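A variant of the script approach from post #6 that filters by severity instead of by event ID, which is what the original question asks for (error or critical only), and skips event ID 1111 as in post #5. This is an added example, not code from the thread; the server name, host name and the trapper item keys `eventlog.errors[<log>]` are hypothetical placeholders.

```powershell
# Added example, not from the thread. $ZabbixServer, $ZabbixHost and the
# item keys eventlog.errors[<log>] are hypothetical; create matching
# "Zabbix trapper" items (numeric) on the host before sending.
$ZabbixServer = 'zabbix.example.com'
$ZabbixHost   = 'WIN-HOST-01'
$Sender       = 'c:\zabbix\zabbix_sender.exe'   # path used in the thread
$Since        = (Get-Date).AddDays(-1)          # same 24-hour window as post #6

# The Security log marks failures with the Audit Failure keyword rather than
# with an Error level, so a Level filter only makes sense for these logs.
$Logs = 'Application', 'System'

function Get-ErrorEventCount {
    param(
        [string]$LogName,
        [datetime]$StartTime,
        [int[]]$ExcludeId = @()
    )
    # Get-WinEvent levels: 1 = Critical, 2 = Error (3 = Warning, 4 = Information)
    $filter = @{ LogName = $LogName; Level = 1, 2; StartTime = $StartTime }
    # "No events found" is a non-terminating error; silence it and count zero.
    $events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object { $ExcludeId -notcontains $_.Id })
    return $events.Count
}

foreach ($log in $Logs) {
    # One value per log: number of Critical/Error events, minus excluded IDs.
    $count = Get-ErrorEventCount -LogName $log -StartTime $Since -ExcludeId 1111
    & $Sender -z $ZabbixServer -s $ZabbixHost -k "eventlog.errors[$log]" -o $count
    if ($LASTEXITCODE -ne 0) {
        # A failed send must not look like "0 errors" on the Zabbix side.
        Write-Warning "zabbix_sender failed for $log (exit code $LASTEXITCODE)"
    }
}
```

Sending a count rather than 0/1 lets the trigger threshold be tuned on the Zabbix side, and a nodata() trigger on the same items catches the case where the script stops running.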