I have created the Item in Zabbix on default Windows by Zabbix agent template to get the logs from Event ID 21.
And also created the Trigger with
Expression: logeventid(/Windows by Zabbix agent/eventlog[Microsoft-Windows-TerminalServices-LocalSessionManager/Operational,,,,^21,,skip]**)=1 and nodata(/Windows by Zabbix agent/eventlog[Microsoft-Windows-TerminalServices-LocalSessionManager/Operational,,,,^21,,skip],20)**=0.
This is working fine.
Now I need that Trigger only fire when the IP address of Event Log 21 is not within the local network range IP.
How can I do it?
And also created the Trigger with
Expression: logeventid(/Windows by Zabbix agent/eventlog[Microsoft-Windows-TerminalServices-LocalSessionManager/Operational,,,,^21,,skip]**)=1 and nodata(/Windows by Zabbix agent/eventlog[Microsoft-Windows-TerminalServices-LocalSessionManager/Operational,,,,^21,,skip],20)**=0.
This is working fine.
Now I need that Trigger only fire when the IP address of Event Log 21 is not within the local network range IP.
How can I do it?
Comment