Hello dears,
we plan to monitor our Windows 10/11 clients with Check_MK, but for the clients we only want to check one Windows event log:
Services Logs > Microsoft > Windows > Windows Defender > Operational: all criticals and warnings.
We have a Check_MK Enterprise 2.2.0p3 instance in use.
I tried many ways, but the baked client doesn’t get the custom log.
Thanks a lot for your help

Hi Naiden,
to get a custom log into the monitoring, this should work:
- Agent rule: Text logfiles (Linux, Solaris, Windows)
  - Configure a logfile section
    - Patterns for logfiles to monitor - for example: C:\mylogfile.log

Then you have to set up regular expressions for classifying lines as CRIT, WARN, OK. You can do so in this agent rule or via the service monitoring rule “Logfile pattern”.
I just tested with a manually filled log file “D:\mylog.log” and it works. Don’t forget to update the agents!
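
The pattern classification described in the answer above can be dry-run offline before the agents are updated. The following is an added example, not part of the original posts and not Checkmk's own code: the patterns, the log lines and the first-match-wins evaluation order are assumptions made for illustration.

```python
import re

# Hypothetical rule entries in evaluation order: (state, regular expression).
# Assumption: the first matching pattern decides the state of a line.
PATTERNS = [
    ("IGNORE", r"signature version updated"),
    ("CRIT", r"\bThreat detected\b|\bMalware\b"),
    ("WARN", r"\bWarning\b|scan (failed|stopped)"),
    ("OK", r"scan (finished|completed)"),
]

# Constructed sample content for a manually filled text log file.
SAMPLE_LOG = """\
2024-05-01 09:00:01 Information scan completed, 0 items found
2024-05-01 09:15:42 Warning scan stopped before completion
2024-05-01 09:20:07 Error Threat detected in sample.bin
2024-05-01 09:21:00 Information signature version updated
2024-05-01 09:30:00 Information service heartbeat
"""


def classify(line, patterns=PATTERNS):
    """Return the state of the first pattern matching the line, else None."""
    for state, regex in patterns:
        if re.search(regex, line):
            return state
    return None  # unmatched lines carry no state of their own


def classify_log(text, patterns=PATTERNS):
    """Classify every non-empty line; returns a list of (state, line)."""
    return [(classify(l, patterns), l) for l in text.splitlines() if l.strip()]


def worst_state(results):
    """Overall result: CRIT beats WARN beats OK; IGNORE and None do not count."""
    states = {state for state, _ in results}
    for candidate in ("CRIT", "WARN"):
        if candidate in states:
            return candidate
    return "OK"


if __name__ == "__main__":
    results = classify_log(SAMPLE_LOG)
    for state, line in results:
        print(f"{state or '-':6} {line}")
    print("overall:", worst_state(results))
```

Reordering the entries in `PATTERNS` shows how a broad pattern placed first can hide a more specific CRIT pattern below it.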