Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
NagEventLog
This is a Windows service that forwards filtered EventLog messages into Nagios, via the NSCA daemon. It is based on NTSyslog and send_nsca with some additional filtering code by myself, and includes the GPL libmcrypt library. It is therefore distributed under the Gnu GPL. Version 1.6.2 is believed to work with Win 2k3 but is not fully tested. v1.7.0.b now includes the missing mcvcr70.dll that is missing on some systems - it is the inclusion of these Microsoft DLLs that causes the huge size of the install package! v1.8.0 now contains a heartbeat function and upgrade option.
Reviews (6)
I was trying to test it on Windows 2003 and 2012 x64 servers but did not work at all.
bylhenkel, June 24, 2014
I used this for years, but cannot get it to work on Server 2008. It just hangs when you click "Test NSCA daemon" or try and stop it.
Used it w/o a problem before that, so I suppose if you're running older systems, this is pretty good.
Used it w/o a problem before that, so I suppose if you're running older systems, this is pretty good.
byLordInfidel, September 15, 2013
If you are used to this working out of the box with other versions of Windows Server, there are some catches you should be aware of.
**The following has only been tested using NagiosXI 2012R2.3 and Nagevlog 1.9.2 under server 2012)
1. The encryption no longer works. If you have a mixed environment and are running nsca encryption, you need to change it all to "NONE".
For whatever reason, on server 2012, when it is encrypted with say 3Des, the alerts never make it to the inbound transfer. The underlying OS does see the traffic, just something in NagiosXI does not like the way server 2012 nagevlog is doing the encryption.
2. Alerting; Once NagiosXI receives in and sends it to the passive filter, you will not get a email alert. UNLESS, you go into the service, press the Advanced Tab, and enable Active Checks.
Not sure why that is, but that is the only way I was able to get email alerts to come thru. Just be prepared that you are going to get 2 alerts; the first one on the event and the second one saying it has recovered. Hopefully you understand that the recovery is not on the actual event, but the passive listener resetting itself.
Hopefully this saves you a weekend of beating yourself up like I did. It is the loss of my life for the past 72 hours that I dropped my rating down to Good rather than excellent...
Enjoy!
**The following has only been tested using NagiosXI 2012R2.3 and Nagevlog 1.9.2 under server 2012)
1. The encryption no longer works. If you have a mixed environment and are running nsca encryption, you need to change it all to "NONE".
For whatever reason, on server 2012, when it is encrypted with say 3Des, the alerts never make it to the inbound transfer. The underlying OS does see the traffic, just something in NagiosXI does not like the way server 2012 nagevlog is doing the encryption.
2. Alerting; Once NagiosXI receives in and sends it to the passive filter, you will not get a email alert. UNLESS, you go into the service, press the Advanced Tab, and enable Active Checks.
Not sure why that is, but that is the only way I was able to get email alerts to come thru. Just be prepared that you are going to get 2 alerts; the first one on the event and the second one saying it has recovered. Hopefully you understand that the recovery is not on the actual event, but the passive listener resetting itself.
Hopefully this saves you a weekend of beating yourself up like I did. It is the loss of my life for the past 72 hours that I dropped my rating down to Good rather than excellent...
Enjoy!
Does not work for me under Vista.
Lot of errors during installation!
Lot of errors during installation!
Thanks for contribution to Nagios Community. I recommend this 100% for monitoring Windows Event-log through nagios.
