events viewer

[gilles]

i need a plugin which can watch events for windows servers (filter them, alert and store them in mysql)

i want something like eventcentral :
http://xavier.dusart.free.fr/win32admin/evt/
which i have tested past years

i don't currently know if i need only one collection (at night) or a 5 minutes collection (a more real time solution)

the bug is : in eventcentral, events are collected with psloglist which is a windows tool

if someone know a good pl script which can do that, report me please

i need a pl script which accept parameters like auth, max events to return, x last time events...

[apperrault]

I actually use a couple of things to do this. One is a small free program you install on the server called NTSyslogCtrl http://ntsyslog.sourceforge.net/. I use that to send to my KiwiSyslog daemon (Free version) on my Cacti server, Then i use the local Syslog update (Syslogupd - v0.43) plugin from Pepj to send it to the SyslogPlugin from Jimmy. It is a little messy, but it works.

hope that helps

app

[ejensen]

i currently use SB EventLog http://eventlog-monitor.info/ and for the most part i really like it. the only problem i have had with it is that the MySQL database got way out of hand early on and slowed everything down to a crawl. I wiped the whole config out and started over, this time only collecting Critical and Warning events and only every 60 minutes. So far its now working great.
I look forward to improvements in this program from the developer, i think it has some great potential.

I also use NTSyslogCtrl on my windows boxes to dump the eventlogs over to syslog server and using the Syslog plugin for cacti I have alerts and reports setup.

Out of the 2 solutions, i think i prefer the SB EventLog because of its features.

Good luck.