Event Log Monitoring
Can some one please put together a proper event log monitor how to, including Items, triggers etc. I just cannot find anything in the forum. I have set up the items as suggested. is there any way i can check if the value is being queried by the server, is the server even sending the query, is the agent getting the query, is it sending it back, is the server recieving the query, etc. Active agent queries cannot be checked on the command line as far as I can make out.
My idea is to check the /var/log/secure log for the word "Accepted", as this will mean somebody has logged in to the system succesfully( could be somebody that wants to crack the system.)
I tried to check the agent log files and i don't see any errors, or queries coming in but zabbix server also does not show any errors in the gui to say it cannot send the query.
Any Ideas any one??
My idea is to check the /var/log/secure log for the word "Accepted", as this will mean somebody has logged in to the system succesfully( could be somebody that wants to crack the system.)
I tried to check the agent log files and i don't see any errors, or queries coming in but zabbix server also does not show any errors in the gui to say it cannot send the query.
Any Ideas any one??
Comment