These 2 tests check Event Log on 2 different systems? Please provide as much information as possible, better send your settings to support@ks-soft.net.
Regards
Alex
Evet Viewer check not working
Code: Select all
;-----------------------------------------------------------------------------
;- HostMonitor`s export/import file -
;- Generated by HostMonitor at 21/02/2006 10:14:27 -
;- Source file: C:\Program Files\HostMonitor4\HMList.hml -
;- Generation mode: Selected_Tests -
;-----------------------------------------------------------------------------
; ------- Test #01 -------
Method = NTLog
;--- Common properties ---
;DestFolder = Root\Servidores\Peru\DATACOD\
Title = DATACOD: smppGw events
Comment =
RelatedURL =
ScheduleMode= Regular
Schedule =
Interval = 300
Alerts = Send Mail smppGw
ReverseAlert= No
UnknownIsBad= No
UseCommonLog= Yes
PrivLogMode = Default
CommLogMode = Default
SyncCounters= Yes
SyncAlerts = No
DependsOn = list
MasterTest-Alive = DATACOD: smppGw
;--- Test specific properties ---
Computer = \\DATACOD
Log = Application
Source = smppGw
Username = EWAY\administrator
Password = ********
CheckComp = Any
CheckType = AnyFromList
CheckID = AnyFromList
CheckDescr = Any
CompList =
TypeList = Warning
IDList = ^M4100^M4099^M4097^M
DescrList =
ReportMode = AllEvents
;-----------------------------------------------------------------------------OS: Windows 2000 Server SP4 + Rollup + Last updates
HM: 5.82 Beta (tested with 5.66 as well)
Test Method: NT Event Log
Tested Server
OS: Windows 2000 Advanced Server SP4 + Rollup + Last updates
HARD: Compaq Proliant 380 Cluster
DOMAIN: other domain, non trusted
\\DATACOD is the urn for the cluster (each host is named DATACOD1 and DATACOD2).
Problem: it doesn't work at all. It doesn't detect the warning event we're monitoring. Tested from two different HostMonitor installations.
You already provided this test settings, but we have not seen another test (working one). I wonder what the difference between these tests. If you are using the same settings and one system works, another doesn't...
BTW: Could you try to setup this test to specific host (not cluster)? Another test (test that works fine) checks cluster as well? Or single host?
"Ok" means HostMonitor is able to connect to the server and retrieve records from the log but it does not "see" specific event. As I remember we have tested your event log on our system, HostMonitor found the event. We cannot explain this problem so far
May be some "cluster" ussue... we never tested HostMonitor on clusters.
Regards
Alex
BTW: Could you try to setup this test to specific host (not cluster)? Another test (test that works fine) checks cluster as well? Or single host?
As I remember "doesn't work at all" means HostMonitor shows "Ok" status. Right?Problem: it doesn't work at all.
"Ok" means HostMonitor is able to connect to the server and retrieve records from the log but it does not "see" specific event. As I remember we have tested your event log on our system, HostMonitor found the event. We cannot explain this problem so far
May be some "cluster" ussue... we never tested HostMonitor on clusters.Regards
Alex
Code: Select all
;-----------------------------------------------------------------------------
;- HostMonitor`s export/import file -
;- Generated by HostMonitor at 23/02/2006 15:56:17 -
;- Source file: C:\Program Files\HostMonitor4\HMList.hml -
;- Generation mode: Selected_Tests -
;-----------------------------------------------------------------------------
; ------- Test #01 -------
Method = NTLog
;--- Common properties ---
;DestFolder = Root\Servidores\Peru\DAEMON\
Title = DAEMON: XCOMD
Comment =
RelatedURL =
ScheduleMode= Regular
Schedule =
Interval = 600
Alerts =
ReverseAlert= No
UnknownIsBad= No
UseCommonLog= Yes
PrivLogMode = Default
CommLogMode = Default
SyncCounters= Yes
SyncAlerts = No
DependsOn = list
MasterTest-Alive = DAEMON: Ping
;--- Test specific properties ---
Computer = \\DAEMON
Log = System
Source = Service Control Manager
CheckComp = Any
CheckType = AnyFromList
CheckID = AnyFromList
CheckDescr = Any
CompList =
TypeList = Error
IDList = ^M7016^M
DescrList =
ReportMode = AllEvents
;-----------------------------------------------------------------------------OS: Windows 2000 Server SP4 + Rollup + Last updates
DOMAIN: same domain as HM
But now this test doesn't work again. Nothing was changed since the time it worked. It doesn't work in neither of the two installations. I give up.
Will check the other test by using the NODE name instead of the CLUSTER name and tell you if it changes something.
This means DLLs version mismatch..
Quote from the manual:
Regards
Alex
Quote from the manual:
So, I would recommend to copy DLL from remote system (system that generates event log record) into EventLogDlls subfolder in HostMonitor's home directory.The problem related to NT Event Log test method has been fixed: when HostMonitor calls Windows API to format event description, Windows does not check the accordance between the number of variables in a template (that is stored in resource file) and the number of variables stored in an event log. This could lead to access violation errors when some software was installed or updated incorrectly (e.g. version mismatch between different DLLs) Now HostMonitor checks the template (retrieved from the DLL) and verifies the number of insertion strings before calling Windows function
Also if there is DLLs version mismatch (described above), you may copy appropriate DLL (e.g. copy file from another system) into <HostMonitor>\EventLogDlls\ directory. If HostMonitor detects DLL in EventLogDlls subdirectory, this DLL will be used instead of installed DLL (installed DLL - DLL that is specified in the system registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\<log name>\<event source name> key)
Regards
Alex