There are two unrelated problems in the eventlog collecion process:
Hope that helps.
Eran
- There is a parsing problem when parsing the active checks list. It seems that there was a recent change in the data sent from the server. The server is sending the header ZBXD followed by some other characters (and nulls) which breaks the parsing, the thing is that it seems that the header is always 13 bytes long. I'm not sure if it can be trusted but for now it sems that adjusting the line start by 13 charachters fixes theproblem.
To fix it add a new line in active.c in line 192:
so the function should look something like this:Code:if (strncmp(str,"ZBXD",4) == 0) str += 13;
Code:static int parse_list_of_checks(char *str) { char *p = NULL, *pstrend = NULL, *key = NULL, *refresh = NULL, *lastlogsize = NULL; zabbix_log( LOG_LEVEL_DEBUG, "In parse_list_of_checks('%s')", str); disable_all_metrics(); while(str) { if (strncmp(str,"ZBXD",4) == 0) str += 13; pstrend = strchr(str,'\n'); if(pstrend) *pstrend = '\0'; /* prepare line */ zabbix_log(LOG_LEVEL_DEBUG, "Parsed [%s]", str); if(strcmp(str, "ZBX_EOF") == 0) break; if(pstrend == NULL) break; - The second problem is with not properly dereferencing the handle when opening the eventlog.
To fix this the dereferencing operator (*) should be added when using eventlog_handle in function zbx_open_eventlog in eventlog.c. The fixed function should look like this:
Code:static long zbx_open_eventlog( char *source, HANDLE *eventlog_handle, long *pNumRecords, long *pLatestRecord) { assert(eventlog_handle); assert(pNumRecords); assert(pLatestRecord); *eventlog_handle = 0; *pNumRecords = 0; *eventlog_handle = OpenEventLog(NULL, source); /* open log file */ if (!*eventlog_handle) { zabbix_log( LOG_LEVEL_WARNING, "Failed to open eventlog [%s] lasterror=%d", source, GetLastError()); return GetLastError(); } zabbix_log( LOG_LEVEL_DEBUG, "Successfully opened the eventlog [%s]", source); GetNumberOfEventLogRecords(*eventlog_handle,(unsigned long*)pNumRecords); /* get number of records */ GetOldestEventLogRecord(*eventlog_handle,(unsigned long*)pLatestRecord); zabbix_log( LOG_LEVEL_DEBUG, "leaving zbx_open_eventlog numrecs=%d, lastrec=%d", *pNumRecords,*pLatestRecord ); return(0); }
Hope that helps.
Eran
Comment