Ad Widget

**DmitryL** · 19-05-2016, 16:12

Hello alientm!

Try this trigger

Code:

({TRIGGER.VALUE}=0 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4801)}=1) or ({TRIGGER.VALUE}=1 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4800)}=1)

{TRIGGER.VALUE}=0 Trigger status Problem
{TRIGGER.VALUE}=1 Trigger status OK

**alientm** · 20-05-2016, 08:47

Thank you for your answer.

when i use:

Code:

({TRIGGER.VALUE}=0 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4801)}=1) or ({TRIGGER.VALUE}=1 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4800)}=1)

Zabbix still displays the Problem (Problem does not change to OK when the workstation is locked (eventid 4800))

but when changed to:

Code:

({TRIGGER.VALUE}=0 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4801)}=1) or ({TRIGGER.VALUE}=1 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4800)}=0)

it seems that is working properly

but I do not know whether it is correctly ?

**DmitryL** · 20-05-2016, 11:58

Hi!

Yes, your example is right, mine is not

Thing is that,

Code:

({TRIGGER.VALUE}=0 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4801)}=1) or ({TRIGGER.VALUE}=1 and {BS_VNC:eventlog[Security,,,,4800|4801].logeventid(4800)}=0)

If trigger.value = 0 ( off ) and eventid 4801 appears in eventlog - trigger fires

or

If trigger.value = 1 ( on ) and eventid 4800 appears in eventlog - trigger goes to OK state, because condition .logeventid(4800)=0 terms are not met.

**alientm** · 20-05-2016, 12:11

thank You, without Your help could not do that

Ad Widget

Windows eventlog (4800, 4801) monitoring and trigger

Windows eventlog (4800, 4801) monitoring and trigger

Comment

Comment

Comment

Comment