(EN) Monitoring Windows Events without monitoring Logfiles
If you search the internet for how to monitor Windows events with Nagios/Naemon/Icinga(2) etc., you find page after page on how to monitor log files for Windows events. Monitoring log files can be a real nightmare.
– How often will you scan a log?
– Have you processed the event with an earlier scan?
– What to do if an event is not logged?
Monitoring event logs mostly needs complex filter rules, and it is mostly not real time. Besides NSClient++ real-time event log monitoring, there is a less well-known but very effective method that works without installing any additional software on Windows and without analyzing log files: SNMP traps.

The presentation will show how to configure Microsoft SNMP to send traps, how to tell MS Windows to send events as traps at the same time the event is written to the log file, and how to process the event with SNMPTT.
Martin Fürstenau, Oce Printing Systems GmbH & Co.KG
Martin Fürstenau has worked as a Senior System Engineer for Canon Group Member Oce Printing Systems GmbH in Poing near Munich for the last 15 years. His main focus is on system monitoring and reporting and on system administration of Linux/Unix and SAN (NetApp storage and Brocade FC switches). Prior to that he worked as a consultant and head of a data center. He has over 30 years of experience in data center automation, system and database administration, and as a consultant and trainer.
As a side job he works as a trainer for Nagios and shell programming. He has over 14 years of experience with Nagios (started with Netsaint) and has developed a lot of plugins and extensions for Nagios. The concept for the timeperiod enhancements of Nagios 3 was his idea. He is the main developer and maintainer of check_vmware_esx for monitoring VMware systems.