Windows Logfile monitoring through Windows Agent

General
,
1

Hi,

I want to monitor an application log called C:\Program Files\EVOKO\EvokoHome\Logs\Evoko-Home.log, but not sure exactly how. I am monitoring Event Log fine, and have the below entry in check_mk.user file, so do i need to add something there, and what syntax would it be?

logwatch:
enabled: yes

sendall: no   # this is MANDATORY, yes is useful only for debugging
vista_api: yes # this is RECOMMENDED
skip_duplicated: no # if yes the same messages will be replaced with text [the above messages repeated <n> times]
max_size: 500000 # default value
max_line_length: -1 # -1 to ignore, or any positive, max length of the line
max_entries: -1     # -1 to ignore, or any positive, max count of lines to receive
timeout: -1         # -1 to ignore, or any positive, in seconds

 # entries in the windows eventlog
logfile:
    # - 'EventLogName': <crit|warn|all|off> + [context|nocontext]
    - 'Application': warn nocontext # example
    # - 'System': warn nocontext    # another example
    # - 'YourOwn': all nocontext    # yet another example
    - '*': off         # This is default params for not missing entries
2

Hi @nickjwest1
you have to configure the file you want to monitor.
Have a look in this threat and look at the link Mike1098 postet there.
And have in mind, that at the moment (starting with 2.1p9) there is a problem with this function, look here.

2 Likes
3

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.