Windows Eventlog Addon
This addon allows Nagios to monitor Windows EventLogs by
querying an agent installed on the Windows machine (the agent is
part of this package). By default Nagios notifies on every
event, but extensive filtering can be defined through
various parameters. You can do "anything but XY"
or "nothing but XY" notifications, or some strange
things between these two. Installation instructions can be
found here.
This is the first public release. If you experience any
problems, please send your comments to the project's mailing lists.
Usage: check_win_eventlog -h <HOST> [-p <PORT>] -l <SOURCENAME> -s <ID>
[-m <MESSAGETEXT>] [-i <EVENT_IDS>] [-t <EVENT_TYPES>] [-q <SOURCES>]
-H hostname or IP address.
-p port number (defaults to 1903)
-l The Eventlog protocol (log) name. This is one of 'System', 'Application' or
'Security'. Some systems may have additional protocols. The names of those
protocols can be found by looking at the registry key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog].
-s any unique ID string that is used by the agent to identify a request.
-m event text filter. A list of regular expressions separated by colons (:).
If any of these regular expressions matches the event description message,
the event will NOT be selected for notification.
If a RegExp begins with '+', the expression will reset
the match. This way you can do an "exclude all but XY".
Example: '.*:+ALARM' would detect
messages that include 'ALARM' but ignore anything else.
-i Like -m but for "EventID"
-t Like -m but for "EventType"
-q Like -m but for "Source"
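
The exclude/reset logic described for -m (and -i, -t, -q) can be tried offline before a filter goes into a Nagios check. The following is an added example, not the addon's own code. It assumes rules are evaluated left to right with the last matching rule winning, that regular expressions are searched anywhere in the field, and it uses hypothetical helper names and constructed sample events.

```python
import re

# Constructed sample events (not real log data); field names follow the
# quoted names in the option list: "EventID", "EventType", "Source".
SAMPLE_EVENTS = [
    {"EventID": "7036", "EventType": "Information", "Source": "Service Control Manager",
     "Message": "The Print Spooler service entered the running state."},
    {"EventID": "1001", "EventType": "Error", "Source": "BackupAgent",
     "Message": "ALARM: backup volume unreachable"},
    {"EventID": "529", "EventType": "Failure Audit", "Source": "Security",
     "Message": "Logon failure: unknown user name or bad password"},
]


def parse_filter(spec):
    """Split a colon-separated filter into (is_reset, compiled_regex) rules."""
    rules = []
    for part in spec.split(":"):  # a regex containing ':' cannot be expressed
        if not part:
            continue
        is_reset = part.startswith("+")
        rules.append((is_reset, re.compile(part[1:] if is_reset else part)))
    return rules


def is_selected(value, spec):
    """True if an event with this field value would be notified.

    Assumption: rules run left to right; a plain match excludes the event,
    a '+' match resets that exclusion, and the last matching rule wins.
    """
    excluded = False
    for is_reset, rx in parse_filter(spec):
        if rx.search(value):  # assumption: substring search, not full match
            excluded = not is_reset
    return not excluded


def filter_events(events, field, spec):
    """Return the EventIDs of events that survive one filter on one field."""
    return [e["EventID"] for e in events if is_selected(e[field], spec)]


if __name__ == "__main__":
    print(filter_events(SAMPLE_EVENTS, "Message", ".*:+ALARM"))   # exclude all but ALARM
    print(filter_events(SAMPLE_EVENTS, "EventID", "^7036$"))      # drop one noisy ID
    print(filter_events(SAMPLE_EVENTS, "Message", "+ALARM:.*"))   # order matters
```

Under these assumptions a broad exclusion such as '.*' placed after a '+' rule suppresses every event, so a filter meant for the 'Security' log is worth checking against known-bad sample messages before it is relied on.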