Ad Widget

Collapse

Monitoring Windows Updates via Event Log

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Tux Linuxson
    Junior Member
    • Mar 2024
    • 2
    #1

    Monitoring Windows Updates via Event Log

    I would like to monitor Windows Updates via the Event Log and i have created the following trigger condition.

    logeventid(/Windows by Zabbix agent/eventlog[Microsoft-Windows-WindowsUpdateClient/Operational,,,WindowsUpdateClient,26,,skip],,"[1-9] Updates")=1

    Does anyone have an idea why it doesnt work ?

    Thank you.
    Tags: agent, trigger, windows, zabbix
    • cyber
      Senior Member
      Zabbix Certified SpecialistZabbix Certified Professional
      • Dec 2006
      • 4807
      #2
      You are picking up events with eventid 26 and then you are trying to compare that to "[1-9] Updates". It will never match... 26 <> "[1-9] Updates"
      logeventid (/host/key,<#num<:time shift>>,<pattern>)
      Checking if event ID of the last log entry matches a regular expression.

        Comment

        • Tux Linuxson
          Junior Member
          • Mar 2024
          • 2
          #3
          Ah okay, thanks for the explonation. The eventid that i am trying to track also triggers if there is no update available. Is there a way that it only triggers if there isnt the following phrase "0 Updates"

            Comment

            • cyber
              Senior Member
              Zabbix Certified SpecialistZabbix Certified Professional
              • Dec 2006
              • 4807
              #4
              4 History functions
              https://www.zabbix.com/documentation/6.0/en/manual/appendix/functions/history

              find (/host/key,<(sec|#num)<:time shift>>,<operator>,<pattern>)

                Comment

                Previous template Next
                Working...