Hey, everyone. Thanks for the help, Andreas!
Got this working as follows:
- Download mk_logwatch.exe from Monitoring Agents menu in CMK
- Place logwatch binary in C:\ProgramData\checkmk\agent\plugins
- Create empty file: C:\ProgramData\checkmk\agent\config\logwatch.cfg
- In logwatch.cfg, add a one line with a file path (non-escaped backslashes) with no leading characters, then, create individual rules after it with a leading space (such as in this example):
C:\temp\test.log
I Ignore this:
W Warning message:
C Critical systems message:
Note there must be a leading space before the options (I, W, C), meaning that " W Warning message:" is acceptable but “W Warning message:” is not.
For the CMK team: Could you update the Windows logwatch monitoring documentation to reflect the current way of doing this? While it seems obvious, it isn’t immediately clear how to implement this.
Thanks!
Tralin