I'm running an exchange server on Windows 2008 r2 standard edition and need to get Nagios to notify me when Event ID 12018 (MSExchangeTransport) occurs. I've already installed NSClient++ and Nagios is already monitoring the server to let me know if it goes down but have never before tried monitoring a specific windows event. I'm open to all suggestions but would prefer a solution that doesn't involve writing lines upon lines of VB or PowerShell code. All answers are very much appreciated!
Asked
Active
Viewed 697 times
1 Answers
0
There is an alias option within the NSC.ini file for NSClient.
alias_event_log
With some basic SQL-ish parameters you can add this check to Nagios with ease. For example:
alias_event_log=CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational')
In a nut-shell, This is checking my Event Logs "Application" and "System" and returning a critical alert if there are any logs that aren't successful or just information within the last two days.
With some tweaking I'm guessing that you can get it to check for specific codes. Have a play :)
Will Ryan
- 661
- 1
- 7
- 17