Hi there,
I am testing checkmk. We want to compare it to PRTG. So far is looks good.
I got some servers in monitoring. It is gathering the windows eventlogs ok.
But i want to add some extra logs that are not showing. They are located in the Applications and Services Logs. The logs that are in the root are automatically added, but the one that are in a folder:
like microsoft\aadapplicationproxy\Connector\Admin is not.
How can i add them? I tried this in the check_mk.user.yml:
logwatch:
enabled: yes
# sendall: no # this is MANDATORY, yes is useful only for debugging
# vista_api: no # this is RECOMMENDED
# skip_duplicated: no # if yes the same messages will be replaced with text [the above messages repeated <n> times]
# max_size: 500000 # default value
# max_line_length: -1 # -1 to ignore, or any positive, max length of the line
# max_entries: -1 # -1 to ignore, or any positive, max count of lines to receive
# timeout: -1 # -1 to ignore, or any positive, in seconds
# entries in the windows eventlog
logfile:
# - 'EventLogName': <crit|warn|all|off> + [context|nocontext]
# - 'Application': crit context # example
# - 'System': warn nocontext # another example
# - 'C:\ProgramData\checkmk\agent\log\check_mk.log': all nocontext # yet another example
- 'Microsoft-AadApplicationProxy-Connector/Admin': all nocontext # This is default params for not missing entries