Hi everbody,
is it possible to monitor a NT Eventlog, that an alert is triggerde if there are more than x errors were logged within a specific time range, e.g. more than 20 errors within a minute?
Regards & Thanks,
Juergen
NT Eventlog / Trigger Alert
You may use Shell Script test method and script like this one
Regards
Alex
Code: Select all
'gets number of NT Event Log records added within last hour
'parameters: computername logfilename
'-----------------------------------------------------------
Option Explicit
const statusAlive = "scriptRes:Host is alive:"
const statusDead = "scriptRes:No answer:"
const statusUnknown = "scriptRes:Unknown:"
const statusNotResolved = "scriptRes:Unknown host:"
const statusOk = "scriptRes:Ok:"
const statusBad = "scriptRes:Bad:"
const statusBadContents = "scriptRes:Bad contents:"
'---- entry point ----
dim objArgs, strComputer, strLogfile
dim objWMIService, colLoggedEvents, strWMIQuery, wbemDate
Set objArgs = WScript.Arguments
if objArgs.Count>1 then
strComputer = objArgs(0)
strLogfile = objArgs(1)
Set wbemDate = CreateObject("WbemScripting.SWbemDateTime")
wbemDate.SetVarDate(DateAdd("h",-1,Now))
strWMIQuery = "Select * from Win32_NTLogEvent Where (Logfile='" & strLogfile & "') and (timewritten>'" & wbemDate & "')"
Set objWMIService = GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colLoggedEvents = objWMIService.ExecQuery(strWMIQuery)
WScript.StdOut.WriteLine statusOk & colLoggedEvents.Count
else
WScript.StdOut.WriteLine statusUnknown & "Not enough parameters specified"
end ifAlex