Hello Steve,
hello Eventlogagentuser,
we have your wonderful eventlogagent on all W2K3 Servers installed.
I'm now trying to get an EventSource Filter that the Events from following Sources:
a) Backup Exec
b) Backup Exec System Recovery
c) LoadPerf
d) APCPBEAgent
should not be submitted to our nagios host. Somthing works fine - as long as only
ONE Source is defined in the Match Rules Settings. But if i would like to define more than one Source with blanks in the description i can't get things to work ...
I'm unsure how to tell the filter that more than one source with blanks in the description should be filtered. If it is the Seperator the blank ... i would have trouble.
I use Version 1.8.1.0 of your Agent and Control App 1.8.0.0.
Actually following Filtersettings are in Registry:
[HKEY_LOCAL_MACHINE\SOFTWARE\Cheshire Cat\Nagios\Filter2]
"Audit Failure"=dword:00000000
"Audit Success"=dword:00000000
"Error"=dword:00000001
"eventLog"=dword:00000001
"eventLogName"="Application"
"filterDesc"="Application Log"
"ID"="4314,3,63,1000,42,40,9548,1022,21245,21421,21423,10021,9327,5008,47,2003,1524,13031,13032"
"Information"=dword:00000000
"matchString"=""
"notID"=dword:00000001
"notMatch"=dword:00000000
"notSource"=dword:00000001
"serviceName"="Anwendung Ereignisanzeige"
"source"="Backup Exec,Backup Exec System Recovery,LoadPerf,APCPBEAgent"
"status"=dword:00000002
"Warning"=dword:00000001
As you can see, i used commata as seperator between the particular source definitions - but unfortunatly this doesn't work ... Can you tell me the correct seperator?
I would be glad to hear from you. Your Eventlog-Tool is very great.
Greetings from Germany
wollila
Wolfgang Stroehlein
Networkadministrator
Diakonie Neuendettelsau
Login
Register
FAQ
Members
