TECHZEN Zenoss User Community ARCHIVE  
FORUMS / Installation & Getting Started / DISCUSSION

6.1.2 Installation

Subject: 6.1.2 Installation
Author: R S
Posted: 2019-01-08 15:19

I'm looking at deploying a new physical box with 6.2.1 on it. I was actually hoping for 5.2 but the "getting started" email downloaded a 6.1.2 ISO. I used the link to take me to the documentation and that's where it all fell apart. 
Community Edition (Core) Installation Guide 6.2.1
Zenoss remove preview
Community Edition (Core) Installation Guide 6.2.1
Gartner Market Guide for IT Infrastructure Monitoring Tools
View this on Zenoss >


So...what is it I'm supposed to do with this ISO? The documentation is absolutely garbage. All it talks about is installation on a virtual appliance. Is every version after 4.2 their attempt to push people to their paid cloud service or something



------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Nate Meek
Posted: 2019-01-08 16:11

That's my theory. They deploy as Docker containers but they don't provide docker-compose files for base configuration. Everything is hidden behind weird layers of complexity, you have to jump through hoops to get access to the downloads (seriously, you have to register and then wait for a human to approve your account before you can download the community edition?), and I saw posts from their staff saying that they either did or wanted to restrict public access to their Docker repos. After all that, you can only do the absolute most basic of the basics. The vast majority of the zenpacks require a subscription to run.

------------------------------
Nate Meek
sadlkfh
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-09 09:37

I don't even see a way to try install 5.2. This is brutal

------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Jane Curry
Posted: 2019-01-10 03:49

I Have to ask the question. If you are already running what Zenoss considers a very old version of Zenoss with 5.2, why not go back to 4.2.5 and run Zenoss rather than Docker ;)  


Cheers,
Jane

------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-10 09:30

I currently run 4.2.5, but when I install any Windows zenpack higher than 2.6.12 to support my Server 2016 systems things start to go south. OID error etc. I'm going to be imaging the drive so I can go back, but I'll be trying this again shortly. I'll post here with my issues. :-)

------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Serge VS
Posted: 2019-01-10 15:15

Hi,

I would suggest to try https://github.com/sergevs/ansible-serviced-zenoss.
Let me to know if you have any issues with the tool or documentation.

------------------------------
Serge
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-10 16:21

link is invalid

------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Serge VS
Posted: 2019-01-11 00:33


https://github.com/sergevs/ansible-serviced-zenoss
It was invalid because of dot at the end of line :)

------------------------------
Serge
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 10:23

So anytime I've upgraded my Windows Zenpack to something higher than 2.6.12 I get

Windows 2016  - Modeler plugin zenoss.winrm.Interfaces returned no results.

Windows 2008r2 - Modeler plugin zenoss.winrm.HardDisks returned no results.

Modelling gives me warnings such as
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.Interfaces. Check WinRM server configuration and z properties.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Services returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.CPUs returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Processes returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.FileSystems returned no results.
WARNING zen.ZenModeler: No results returned for OperatingSystem plugin. Check WMI namespace and DCOM permissions


And events such as 
6 counters missing in collection - see details
missing_counters \packets received/sec, \packets sent/sec, \bytes received/sec, \packets received errors, \packets outbound errors, \bytes sent/sec
plugin_classname ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.Perf


------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Jane Curry
Posted: 2019-01-15 11:21

You have checked that all the WinRM zProperties are still correct?

Try running zenmodeler in debug mode in the zenmodeler container (see other post from today) - it may give you more clues as to what is going wrong.

Presumably this did work with earlier version of the Windows ZenPack?  So it is unlikely to be anything that has changed on your target devices?

Cheers,
Jane

------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 11:50

The WinRM user and WinRMPassword is still set with the same user, the only thing I did this morning was upgrade The python collector, zenpacklib and windows zenpacks.

When I model my 2008 devices I still can see Windows Services, Files Systems, Processors and Interfaces despite the warnings/erros on modelling

When I do the same for my one 2016 server, I get nothing on the device except the graphs cpu utilization, memory usage and page file usage

Here's the debug from a 2016 server
2019-01-15 10:00:06,550 DEBUG zen.ZenModeler: Run in foreground, starting immediately.
2019-01-15 10:00:06,550 DEBUG zen.ZenModeler: Starting PBDaemon initialization
2019-01-15 10:00:06,550 INFO zen.ZenModeler: Connecting to localhost:8789
2019-01-15 10:00:06,550 DEBUG zen.pbclientfactory: Starting connection...
2019-01-15 10:00:06,550 DEBUG zen.ZenModeler: Logging in as admin
2019-01-15 10:00:06,551 DEBUG zen.pbclientfactory: Connected
2019-01-15 10:00:06,551 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 10:00:06,551 DEBUG zen.pbclientfactory: Sending credentials
2019-01-15 10:00:06,553 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 10:00:06,553 INFO zen.ZenModeler: Connected to ZenHub
2019-01-15 10:00:06,553 DEBUG zen.ZenModeler: Setting up initial services: EventService, ModelerService
2019-01-15 10:00:06,554 DEBUG zen.ZenModeler: Chaining getInitialServices with d2
2019-01-15 10:00:06,554 DEBUG zen.pbclientfactory: pinging perspective
2019-01-15 10:00:06,555 DEBUG zen.ZenModeler: Loaded service EventService from zenhub
2019-01-15 10:00:06,555 DEBUG zen.ZenModeler: Loaded service ModelerService from zenhub
2019-01-15 10:00:06,555 DEBUG zen.ZenModeler: Queued event (total of 1) {'rcvtime': 1547571606.555595, 'severity': 0, 'component': 'zenmodeler', 'agent': 'zenmodeler', 'summary': 'started', 'manager': 'zenosscore.CC.local', 'device': 'localhost', 'eventClass': '/App/Start', 'monitor': 'localhost'}
2019-01-15 10:00:06,555 DEBUG zen.ZenModeler: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 10:00:06,556 DEBUG zen.ZenModeler: Calling connected.
2019-01-15 10:00:06,556 DEBUG zen.ZenModeler: fetching monitor properties
2019-01-15 10:00:06,556 DEBUG zen.pbclientfactory: perspective ponged
2019-01-15 10:00:06,556 DEBUG zen.pbclientfactory: Cancelling ping timeout
2019-01-15 10:00:06,563 DEBUG zen.ZenModeler: Getting threshold classes...
2019-01-15 10:00:06,567 DEBUG zen.ZenModeler: Loading classes ['Products.ZenModel.MinMaxThreshold', 'Products.ZenModel.ValueChangeThreshold', 'ZenPacks.community.deviceAdvDetail.thresholds.StatusThreshold']
2019-01-15 10:00:06,567 DEBUG zen.ZenModeler: Fetching default RRDCreateCommand...
2019-01-15 10:00:06,607 DEBUG zen.ZenModeler: Getting collector thresholds...
2019-01-15 10:00:06,615 DEBUG zen.thresholds: Updating threshold ('high event queue', ('localhost collector', ''))
2019-01-15 10:00:06,615 DEBUG zen.thresholds: Updating threshold ('zenmodeler cycle time', ('localhost collector', ''))
2019-01-15 10:00:06,615 DEBUG zen.ZenModeler: Getting collector plugins for each DeviceClass
2019-01-15 10:00:06,629 DEBUG zen.ZenModeler: Starting collector loop...
2019-01-15 10:00:06,629 INFO zen.ZenModeler: Collecting for device 192.168.50.14
2019-01-15 10:00:06,701 INFO zen.ZenModeler: skipping WMI-based collection, PySamba zenpack not installed
2019-01-15 10:00:06,703 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:00:06,704 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:00:06,704 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:00:06,705 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:00:06,705 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:00:06,705 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:00:06,705 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:00:06,706 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:00:06,706 INFO zen.ZenModeler: No Python plugins found for 192.168.50.14
2019-01-15 10:00:06,706 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:00:06,706 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:00:06,706 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:00:06,706 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:00:06,707 INFO zen.ZenModeler: No command plugins found for 192.168.50.14
2019-01-15 10:00:06,707 INFO zen.ZenModeler: SNMP monitoring off for 192.168.50.14
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:00:06,707 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:00:06,708 INFO zen.ZenModeler: No portscan plugins found for 192.168.50.14
2019-01-15 10:00:06,708 DEBUG zen.ZenModeler: Running 0 clients
2019-01-15 10:00:06,708 INFO zen.ZenModeler: Scan time: 0.08 seconds
2019-01-15 10:00:06,709 DEBUG zen.thresholds: Checking value 0.078959941864 on Daemons/localhost/zenmodeler_cycleTime
2019-01-15 10:00:06,709 DEBUG zen.MinMaxCheck: Checking zenmodeler_cycleTime 0.078959941864 against min None and max 34560.0
2019-01-15 10:00:06,709 DEBUG zen.ZenModeler: Queued event (total of 1) {'zenoss.device.url': 'zport/dmd/Monitors/Performance/localhost/viewDaemonPerformance', 'zenoss.device.path': 'Monitors/Performance/localhost', 'severity': 0, 'min': None, 'max': 34560.0, 'component': '', 'agent': 'zenmodeler', 'summary': 'threshold of zenmodeler cycle time restored: current value 0.078960', 'current': 0.07895994186401367, 'manager': 'zenosscore.CC.local', 'eventKey': 'zenmodeler cycle time', 'rcvtime': 1547571606.709893, 'device': 'localhost collector', 'eventClass': '/Perf', 'monitor': 'localhost'}
2019-01-15 10:00:06,710 DEBUG zen.collector.scheduler: In shutdown stage before
2019-01-15 10:00:06,710 DEBUG zen.ZenModeler: Tried to stop reactor that was stopped
2019-01-15 10:00:06,710 INFO zen.ZenModeler: Daemon ZenModeler shutting down
2019-01-15 10:00:06,710 DEBUG zen.ZenModeler: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 10:00:06,711 DEBUG zen.ZenModeler: Collection slots filled
2019-01-15 10:00:06,711 DEBUG zen.ZenModeler: Running 0 clients
2019-01-15 10:00:06,719 DEBUG zen.ZenModeler: Removing service EventService
2019-01-15 10:00:06,720 DEBUG zen.ZenModeler: Removing service ModelerService
2019-01-15 10:00:06,720 DEBUG zen.pbclientfactory: Lost connection to ::1:8789 - [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionLost'>: Connection to the other side was lost in a non-clean fashion: Connection lost.
]
2019-01-15 10:00:06,720 DEBUG zen.collector.scheduler: In shutdown stage during
2019-01-15 10:00:06,720 DEBUG zen.collector.scheduler: In shutdown stage after

------------------------------
R S
------------------------------
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.Interfaces. Check WinRM server configuration and z properties.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Services returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.CPUs returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Processes returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.FileSystems returned no results.
WARNING zen.ZenModeler: No results returned for OperatingSystem plugin. Check WMI namespace and DCOM permissions


And events such as
6 counters missing in collection - see details
missing_counters \packets received/sec, \packets sent/sec, \bytes received/sec, \packets received errors, \packets outbound errors, \bytes sent/sec
plugin_classname ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.Perf


------------------------------
R S
Zenoss remove preview
Community Edition (Core) Installation Guide 6.2.1
Gartner Market Guide for IT Infrastructure Monitoring Tools
View this on Zenoss >


So...what is it I'm supposed to do with this ISO? The documentation is absolutely garbage. All it talks about is installation on a virtual appliance. Is every version after 4.2 their attempt to push people to their paid cloud service or something



------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 11:51

2008r2 debug model

2019-01-15 10:01:18,390 DEBUG zen.ZenModeler: Run in foreground, starting immediately.
2019-01-15 10:01:18,390 DEBUG zen.ZenModeler: Starting PBDaemon initialization
2019-01-15 10:01:18,390 INFO zen.ZenModeler: Connecting to localhost:8789
2019-01-15 10:01:18,391 DEBUG zen.pbclientfactory: Starting connection...
2019-01-15 10:01:18,391 DEBUG zen.ZenModeler: Logging in as admin
2019-01-15 10:01:18,392 DEBUG zen.pbclientfactory: Connected
2019-01-15 10:01:18,392 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 10:01:18,392 DEBUG zen.pbclientfactory: Sending credentials
2019-01-15 10:01:18,394 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 10:01:18,394 INFO zen.ZenModeler: Connected to ZenHub
2019-01-15 10:01:18,394 DEBUG zen.ZenModeler: Setting up initial services: EventService, ModelerService
2019-01-15 10:01:18,394 DEBUG zen.ZenModeler: Chaining getInitialServices with d2
2019-01-15 10:01:18,394 DEBUG zen.pbclientfactory: pinging perspective
2019-01-15 10:01:18,395 DEBUG zen.ZenModeler: Loaded service EventService from zenhub
2019-01-15 10:01:18,396 DEBUG zen.ZenModeler: Loaded service ModelerService from zenhub
2019-01-15 10:01:18,396 DEBUG zen.ZenModeler: Queued event (total of 1) {'rcvtime': 1547571678.396238, 'severity': 0, 'component': 'zenmodeler', 'agent': 'zenmodeler', 'summary': 'started', 'manager': 'zenosscore.CC.local', 'device': 'localhost', 'eventClass': '/App/Start', 'monitor': 'localhost'}
2019-01-15 10:01:18,396 DEBUG zen.ZenModeler: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 10:01:18,396 DEBUG zen.ZenModeler: Calling connected.
2019-01-15 10:01:18,396 DEBUG zen.ZenModeler: fetching monitor properties
2019-01-15 10:01:18,397 DEBUG zen.pbclientfactory: perspective ponged
2019-01-15 10:01:18,397 DEBUG zen.pbclientfactory: Cancelling ping timeout
2019-01-15 10:01:18,404 DEBUG zen.ZenModeler: Getting threshold classes...
2019-01-15 10:01:18,446 DEBUG zen.ZenModeler: Loading classes ['Products.ZenModel.MinMaxThreshold', 'Products.ZenModel.ValueChangeThreshold', 'ZenPacks.community.deviceAdvDetail.thresholds.StatusThreshold']
2019-01-15 10:01:18,447 DEBUG zen.ZenModeler: Fetching default RRDCreateCommand...
2019-01-15 10:01:18,452 DEBUG zen.ZenModeler: Getting collector thresholds...
2019-01-15 10:01:18,459 DEBUG zen.thresholds: Updating threshold ('high event queue', ('localhost collector', ''))
2019-01-15 10:01:18,459 DEBUG zen.thresholds: Updating threshold ('zenmodeler cycle time', ('localhost collector', ''))
2019-01-15 10:01:18,459 DEBUG zen.ZenModeler: Getting collector plugins for each DeviceClass
2019-01-15 10:01:18,472 DEBUG zen.ZenModeler: Starting collector loop...
2019-01-15 10:01:18,472 INFO zen.ZenModeler: Collecting for device 192.168.50.8
2019-01-15 10:01:18,548 INFO zen.ZenModeler: skipping WMI-based collection, PySamba zenpack not installed
2019-01-15 10:01:18,550 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:01:18,551 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:01:18,551 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:01:18,552 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:01:18,552 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:01:18,552 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:01:18,552 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:01:18,553 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:01:18,553 INFO zen.ZenModeler: No Python plugins found for 192.168.50.8
2019-01-15 10:01:18,553 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:01:18,553 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:01:18,553 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:01:18,553 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:01:18,554 INFO zen.ZenModeler: No command plugins found for 192.168.50.8
2019-01-15 10:01:18,554 INFO zen.ZenModeler: SNMP monitoring off for 192.168.50.8
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 10:01:18,554 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 10:01:18,555 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 10:01:18,555 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 10:01:18,555 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 10:01:18,555 INFO zen.ZenModeler: No portscan plugins found for 192.168.50.8
2019-01-15 10:01:18,555 DEBUG zen.ZenModeler: Running 0 clients
2019-01-15 10:01:18,555 INFO zen.ZenModeler: Scan time: 0.08 seconds
2019-01-15 10:01:18,555 DEBUG zen.thresholds: Checking value 0.0828280448914 on Daemons/localhost/zenmodeler_cycleTime
2019-01-15 10:01:18,556 DEBUG zen.MinMaxCheck: Checking zenmodeler_cycleTime 0.0828280448914 against min None and max 34560.0
2019-01-15 10:01:18,556 DEBUG zen.ZenModeler: Queued event (total of 1) {'zenoss.device.url': 'zport/dmd/Monitors/Performance/localhost/viewDaemonPerformance', 'zenoss.device.path': 'Monitors/Performance/localhost', 'severity': 0, 'min': None, 'max': 34560.0, 'component': '', 'agent': 'zenmodeler', 'summary': 'threshold of zenmodeler cycle time restored: current value 0.082828', 'current': 0.08282804489135742, 'manager': 'zenosscore.CC.local', 'eventKey': 'zenmodeler cycle time', 'rcvtime': 1547571678.556542, 'device': 'localhost collector', 'eventClass': '/Perf', 'monitor': 'localhost'}
2019-01-15 10:01:18,556 DEBUG zen.collector.scheduler: In shutdown stage before
2019-01-15 10:01:18,556 DEBUG zen.ZenModeler: Tried to stop reactor that was stopped
2019-01-15 10:01:18,557 INFO zen.ZenModeler: Daemon ZenModeler shutting down
2019-01-15 10:01:18,557 DEBUG zen.ZenModeler: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 10:01:18,558 DEBUG zen.ZenModeler: Collection slots filled
2019-01-15 10:01:18,558 DEBUG zen.ZenModeler: Running 0 clients
2019-01-15 10:01:18,567 DEBUG zen.ZenModeler: Removing service EventService
2019-01-15 10:01:18,568 DEBUG zen.ZenModeler: Removing service ModelerService
2019-01-15 10:01:18,568 DEBUG zen.pbclientfactory: Lost connection to ::1:8789 - [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionLost'>: Connection to the other side was lost in a non-clean fashion: Connection lost.
]
2019-01-15 10:01:18,568 DEBUG zen.collector.scheduler: In shutdown stage during
2019-01-15 10:01:18,568 DEBUG zen.collector.scheduler: In shutdown stage after


------------------------------
R S
------------------------------
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.
ERROR zen.PythonClient: Error on 192.168.50.14: No results returned for zenoss.winrm.Interfaces. Check WinRM server configuration and z properties.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Services returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.CPUs returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.Processes returned no results.
WARNING zen.ZenModeler: The plugin zenoss.winrm.FileSystems returned no results.
WARNING zen.ZenModeler: No results returned for OperatingSystem plugin. Check WMI namespace and DCOM permissions


And events such as
6 counters missing in collection - see details
missing_counters \packets received/sec, \packets sent/sec, \bytes received/sec, \packets received errors, \packets outbound errors, \bytes sent/sec
plugin_classname ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.Perf


------------------------------
R S
Zenoss remove preview
Community Edition (Core) Installation Guide 6.2.1
Gartner Market Guide for IT Infrastructure Monitoring Tools
View this on Zenoss >


So...what is it I'm supposed to do with this ISO? The documentation is absolutely garbage. All it talks about is installation on a virtual appliance. Is every version after 4.2 their attempt to push people to their paid cloud service or something



------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Jane Curry
Posted: 2019-01-15 12:54

Could you run a similar debug in the zenpython container for zenpython:
zenpython run -v 10 -d <test device> > /tmp/fred 2>&1

Cheers,
Jane

------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 13:36

2008r2

2019-01-15 11:25:52,347 INFO zen.python: plugins disabled by watchdog: []

2019-01-15 11:25:52,347 INFO zen.python: starting watchdog with 30.0s timeout

2019-01-15 11:25:52,347 DEBUG zen.watchdog: started

2019-01-15 11:25:52,348 DEBUG zen.zenpython: Starting PBDaemon initialization

2019-01-15 11:25:52,348 INFO zen.zenpython: Connecting to localhost:8789

2019-01-15 11:25:52,348 DEBUG zen.pbclientfactory: Starting connection...

2019-01-15 11:25:52,348 DEBUG zen.zenpython: Logging in as admin

2019-01-15 11:25:52,349 DEBUG zen.pbclientfactory: Connected

2019-01-15 11:25:52,349 DEBUG zen.pbclientfactory: Cancelling connect timeout

2019-01-15 11:25:52,353 DEBUG zen.pbclientfactory: Sending credentials

2019-01-15 11:25:52,355 DEBUG zen.pbclientfactory: Cancelling connect timeout

2019-01-15 11:25:52,355 INFO zen.zenpython: Connected to ZenHub

2019-01-15 11:25:52,355 DEBUG zen.zenpython: Setting up initial services: EventService, ZenPacks.zenoss.PythonCollector.services.PythonConfig

2019-01-15 11:25:52,355 DEBUG zen.zenpython: Chaining getInitialServices with d2

2019-01-15 11:25:52,356 DEBUG zen.pbclientfactory: pinging perspective

2019-01-15 11:25:52,357 DEBUG zen.zenpython: Loaded service EventService from zenhub

2019-01-15 11:25:52,357 DEBUG zen.zenpython: Loaded service ZenPacks.zenoss.PythonCollector.services.PythonConfig from zenhub

2019-01-15 11:25:52,358 DEBUG zen.zenpython: Queued event (total of 1) {'rcvtime': 1547576752.358126, 'severity': 0, 'component': 'zenpython', 'agent': 'zenpython', 'summary': 'started', 'manager': 'zenosscore.CC.local', 'device': 'localhost', 'eventClass': '/App/Start', 'monitor': 'localhost'}

2019-01-15 11:25:52,358 DEBUG zen.zenpython: Sending 1 events, 0 perf events, 0 heartbeats

2019-01-15 11:25:52,358 DEBUG zen.zenpython: Calling connected.

2019-01-15 11:25:52,359 DEBUG zen.collector.config: Heartbeat timeout set to 900s

2019-01-15 11:25:52,359 DEBUG zen.collector.scheduler: add task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x664a350> using 2592000 second interval

2019-01-15 11:25:52,359 DEBUG zen.zenpython: Performing periodic maintenance

2019-01-15 11:25:52,359 DEBUG zen.pbclientfactory: perspective ponged

2019-01-15 11:25:52,359 DEBUG zen.pbclientfactory: Cancelling ping timeout

2019-01-15 11:25:52,359 DEBUG zen.collector.scheduler: Task configLoader starting (waited 0 seconds) on 2592000 second intervals

2019-01-15 11:25:52,359 DEBUG zen.collector.scheduler: Task configLoader changing state from IDLE to QUEUED

2019-01-15 11:25:52,360 DEBUG zen.collector.scheduler: Task configLoader changing state from QUEUED to RUNNING

2019-01-15 11:25:52,360 DEBUG zen.collector.config: configLoader gathering configuration

2019-01-15 11:25:52,360 DEBUG zen.collector.config: Fetching daemon configuration properties

2019-01-15 11:25:54,090 DEBUG zen.collector.scheduler: Task configLoader changing state from RUNNING to FETCHING_MISC_CONFIG

2019-01-15 11:25:54,090 DEBUG zen.zenpython: Updated configCycleInterval preference to 360

2019-01-15 11:25:54,090 DEBUG zen.zenpython: Changing config task interval from 43200 to 360 minutes

2019-01-15 11:25:54,090 DEBUG zen.collector.scheduler: Stopping task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x664a350>

2019-01-15 11:25:54,090 DEBUG zen.collector.scheduler: call finished LoopingCall<2592000>(CallableTask: configLoader, *(), **{}) : LoopingCall<2592000>(CallableTask: configLoader, *(), **{})

2019-01-15 11:25:54,090 INFO zen.collector.scheduler: Detailed Task Statistics:

configLoader Current State: FETCHING_MISC_CONFIG Successful_Runs: 1 Failed_Runs: 0 Missed_Runs: 0

Detailed Task States:

configLoader State: RUNNING Total: 1 Total Elapsed: 1.7301 Min: 1.7301 Max: 1.7301 Mean: 1.7301 StdDev: 0.0000

configLoader State: QUEUED Total: 1 Total Elapsed: 0.0003 Min: 0.0003 Max: 0.0003 Mean: 0.0003 StdDev: 0.0000

2019-01-15 11:25:54,090 DEBUG zen.collector.config: Heartbeat timeout set to 900s

2019-01-15 11:25:54,091 DEBUG zen.collector.scheduler: add task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x6653510> using 21600 second interval

2019-01-15 11:25:54,091 DEBUG zen.collector.config: Fetching threshold classes

2019-01-15 11:25:54,188 DEBUG zen.zenpython: Loading classes ['Products.ZenModel.MinMaxThreshold', 'Products.ZenModel.ValueChangeThreshold', 'ZenPacks.community.deviceAdvDetail.thresholds.StatusThreshold']

2019-01-15 11:25:54,188 DEBUG zen.collector.config: Fetching collector thresholds

2019-01-15 11:25:54,228 DEBUG zen.thresholds: Updating threshold ('high event queue', ('localhost collector', ''))

2019-01-15 11:25:54,228 DEBUG zen.thresholds: Updating threshold ('zenmodeler cycle time', ('localhost collector', ''))

2019-01-15 11:25:54,228 DEBUG zen.collector.config: Fetching configurations

2019-01-15 11:25:54,462 DEBUG zen.zenpython: updateDeviceConfigs: updatedConfigs=['192.168.50.8']

2019-01-15 11:25:54,462 DEBUG zen.zenpython: Processing configuration for 192.168.50.8

2019-01-15 11:25:54,462 DEBUG zen.daemon: DummyListener: configuration 192.168.50.8 added

2019-01-15 11:25:54,462 DEBUG zen.collector.tasks: Splitting config 192.168.50.8

2019-01-15 11:25:54,463 DEBUG zen.MicrosoftWindows: 192.168.50.8: Windows Perfmon Creating 1 long running command(s)

2019-01-15 11:25:54,464 DEBUG zen.zenpython: Tasks for config 192.168.50.8: {'192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>': <__main__.PythonCollectionTask object at 0x7544c50>, '192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>': <__main__.PythonCollectionTask object at 0x7544bd0>, '192.168.50.8 300 Windows Perfmon': <__main__.PythonCollectionTask object at 0x7544850>, '192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin': <__main__.PythonCollectionTask object at 0x7544cd0>}

2019-01-15 11:25:54,465 DEBUG zen.collector.scheduler: add task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, <__main__.PythonCollectionTask object at 0x7544c50> using 300 second interval

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.8', ''))

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.8', ''))

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.8', ''))

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('high utilization', ('192.168.50.8', '13-Microsoft Virtual Machine Bus Network Adapter _3'))

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('low disk space', ('192.168.50.8', 'C'))

2019-01-15 11:25:54,465 DEBUG zen.collector.scheduler: add task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, <__main__.PythonCollectionTask object at 0x7544bd0> using 300 second interval

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.8', ''))

2019-01-15 11:25:54,465 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.8', ''))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.8', ''))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('high utilization', ('192.168.50.8', '13-Microsoft Virtual Machine Bus Network Adapter _3'))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('low disk space', ('192.168.50.8', 'C'))

2019-01-15 11:25:54,466 DEBUG zen.collector.scheduler: add task 192.168.50.8 300 Windows Perfmon, <__main__.PythonCollectionTask object at 0x7544850> using 300 second interval

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.8', ''))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.8', ''))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.8', ''))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('high utilization', ('192.168.50.8', '13-Microsoft Virtual Machine Bus Network Adapter _3'))

2019-01-15 11:25:54,466 DEBUG zen.thresholds: Updating threshold ('low disk space', ('192.168.50.8', 'C'))

2019-01-15 11:25:54,467 DEBUG zen.collector.scheduler: add task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin, <__main__.PythonCollectionTask object at 0x7544cd0> using 300 second interval

2019-01-15 11:25:54,467 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.8', ''))

2019-01-15 11:25:54,467 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.8', ''))

2019-01-15 11:25:54,467 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.8', ''))

2019-01-15 11:25:54,467 DEBUG zen.thresholds: Updating threshold ('high utilization', ('192.168.50.8', '13-Microsoft Virtual Machine Bus Network Adapter _3'))

2019-01-15 11:25:54,467 DEBUG zen.thresholds: Updating threshold ('low disk space', ('192.168.50.8', 'C'))

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> starting (waited 0 seconds) on 300 second intervals

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from IDLE to QUEUED

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> starting (waited 0 seconds) on 300 second intervals

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from IDLE to QUEUED

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon starting (waited 0 seconds) on 300 second intervals

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from IDLE to QUEUED

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin starting (waited 0 seconds) on 300 second intervals

2019-01-15 11:25:54,468 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from IDLE to QUEUED

2019-01-15 11:25:54,469 DEBUG zen.zenpython: purgeOmittedDevices: deletedConfigs=

2019-01-15 11:25:54,469 DEBUG zen.collector.scheduler: Task configLoader finished, result: 'Configuration loaded'

2019-01-15 11:25:54,469 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from QUEUED to RUNNING

2019-01-15 11:25:54,469 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:54,469 DEBUG zen.MicrosoftWindows: 192.168.50.8 Start Collection of Events

2019-01-15 11:25:54,469 DEBUG zen.MicrosoftWindows: sending event script: "& { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return \"\"; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace(\"`r\",\"\").replace(\"`n\",\" \"); $s = $s.replace('\"', '\\"').replace(\"\'\",\"'\"); $s = $s.replace(\"`t\", \" \"); return \"$($s)\".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.EntryType))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeGenerated))`\", `\"Source`\": `\"$(sstring($_.Source))`\", `\"InstanceId`\": `\"$(sstring($_.InstanceId))`\", `\"Message`\": `\"$(sstring($_.Message))`\", `\"UserName`\": `\"$(sstring($_.UserName))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.EventID))`\" }\" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.LevelDisplayName))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeCreated))`\", `\"Source`\": `\"$(sstring($_.ProviderName))`\", `\"InstanceId`\": `\"$(sstring($_.Id))`\", `\"Message`\": `\"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`\", `\"UserName`\": `\"$(sstring($_.UserId))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.Id))`\" }\" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path=\"Application\" Id=\"0\"> <Select Path=\"Application\">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent -FilterXml $query.replace(\"{logname}\",$logname).replace(\"{time}\", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname \"Application\" -selector {$True} -max_age 24 -eventid \"ApplicationEventLog\"; }"

2019-01-15 11:25:54,471 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:54,471 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from QUEUED to RUNNING

2019-01-15 11:25:54,471 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:54,471 DEBUG zen.MicrosoftWindows: 192.168.50.8 Start Collection of Events

2019-01-15 11:25:54,471 DEBUG zen.MicrosoftWindows: sending event script: "& { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return \"\"; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace(\"`r\",\"\").replace(\"`n\",\" \"); $s = $s.replace('\"', '\\"').replace(\"\'\",\"'\"); $s = $s.replace(\"`t\", \" \"); return \"$($s)\".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.EntryType))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeGenerated))`\", `\"Source`\": `\"$(sstring($_.Source))`\", `\"InstanceId`\": `\"$(sstring($_.InstanceId))`\", `\"Message`\": `\"$(sstring($_.Message))`\", `\"UserName`\": `\"$(sstring($_.UserName))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.EventID))`\" }\" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.LevelDisplayName))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeCreated))`\", `\"Source`\": `\"$(sstring($_.ProviderName))`\", `\"InstanceId`\": `\"$(sstring($_.Id))`\", `\"Message`\": `\"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`\", `\"UserName`\": `\"$(sstring($_.UserId))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.Id))`\" }\" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path=\"System\" Id=\"0\"> <Select Path=\"System\">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent -FilterXml $query.replace(\"{logname}\",$logname).replace(\"{time}\", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname \"System\" -selector {$True} -max_age 24 -eventid \"SystemEventLog\"; }"

2019-01-15 11:25:54,472 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:54,472 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from QUEUED to RUNNING

2019-01-15 11:25:54,472 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from RUNNING to BLOCKING

2019-01-15 11:25:54,472 DEBUG zen.MicrosoftWindows: Windows Perfmon starting Get-Counter on 192.168.50.8

2019-01-15 11:25:54,472 DEBUG zen.MicrosoftWindows: 192.168.50.8: Starting Perfmon collection script: "& {[System.Console]::OutputEncoding = New-Object System.Text.UTF8Encoding($False); $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size (4096, 1024); get-counter -ea silentlycontinue -SampleInterval 1 -MaxSamples 1 -counter @(('\logicaldisk(c:)\% disk read time'),('\logicaldisk(c:)\% disk write time'),('\logicaldisk(c:)\disk read bytes/sec'),('\logicaldisk(c:)\disk write bytes/sec'),('\logicaldisk(c:)\free megabytes'),('\memory\available bytes'),('\memory\committed bytes'),('\memory\pages input/sec'),('\memory\pages output/sec'),('\network interface(microsoft virtual machine bus network adapter _3)\bytes received/sec'),('\network interface(microsoft virtual machine bus network adapter _3)\bytes sent/sec'),('\network interface(microsoft virtual machine bus network adapter _3)\packets outbound errors'),('\network interface(microsoft virtual machine bus network adapter _3)\packets received errors'),('\network interface(microsoft virtual machine bus network adapter _3)\packets received/sec'),('\network interface(microsoft virtual machine bus network adapter _3)\packets sent/sec'),('\paging file(_total)\% usage'),('\processor(_total)\% privileged time'),('\processor(_total)\% processor time'),('\processor(_total)\% user time'),('\system\system up time')) | Format-List -Property Readings; }"

2019-01-15 11:25:54,473 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from BLOCKING to RUNNING

2019-01-15 11:25:54,473 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from QUEUED to RUNNING

2019-01-15 11:25:54,473 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from RUNNING to BLOCKING

2019-01-15 11:25:54,473 DEBUG zen.MicrosoftWindows: 192.168.50.8:Start Collection of Services

2019-01-15 11:25:54,474 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,392 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,392 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,392 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,393 DEBUG zen.MicrosoftWindows: EventLog Results: {'exit_code': 0,

'stderr': [u'Get-WinEvent : No events were found that match the specified selection criteria.',

u'At line:1 char:2652',

u'+ & { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return ""; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace("`r","").replace("`n"," "); $s = $s.replace(\'"\', \'\\\').replace("\\\'","\'"); $s = $s.replace("`t", " "); return "$($s)".replace(\'\\\',\'\\\\\').trim(); }; function EventLogToJSON { begin { $first = $True; \'[\' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.EntryType))`", `"TimeGenerated`": `"$(sstring($_.TimeGenerated))`", `"Source`": `"$(sstring($_.Source))`", `"InstanceId`": `"$(sstring($_.InstanceId))`", `"Message`": `"$(sstring($_.Message))`", `"UserName`": `"$(sstring($_.UserName))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.EventID))`" }" } end { \']\' } }; function EventLogRecordToJSON { begin { $first = $True; \'[\' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.LevelDisplayName))`", `"TimeGenerated`": `"$(sstring($_.TimeCreated))`", `"Source`": `"$(sstring($_.ProviderName))`", `"InstanceId`": `"$(sstring($_.Id))`", `"Message`": `"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`", `"UserName`": `"$(sstring($_.UserId))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.Id))`" }" } end { \']\' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\\SOFTWARE\\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\\SOFTWARE\\zenoss\\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\\SOFTWARE\\zenoss\\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem \'HKLM:\\software\\microsoft\\net framework setup\\ndp\'| % {$_.name.split(\'\\\')[5]} | ? { $_ -match \'v3.5|v[45].*\'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = \'<QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>\'; [Array]$events = Get-WinEvent <<<< -FilterXml $query.replace("{logname}",$logname).replace("{time}", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\\SOFTWARE\\zenoss\\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname "Application" -selector {$True} -max_age 24 -eventid "ApplicationEventLog"; }',

u'+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception',

u'+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand'],

'stdout': []}

2019-01-15 11:25:55,393 DEBUG zen.MicrosoftWindows: 192.168.50.8: Event query error: Get-WinEvent : No events were found that match the specified selection criteria.

At line:1 char:2652

+ & { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return ""; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace("`r","").replace("`n"," "); $s = $s.replace('"', '\').replace("\'","'"); $s = $s.replace("`t", " "); return "$($s)".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.EntryType))`", `"TimeGenerated`": `"$(sstring($_.TimeGenerated))`", `"Source`": `"$(sstring($_.Source))`", `"InstanceId`": `"$(sstring($_.InstanceId))`", `"Message`": `"$(sstring($_.Message))`", `"UserName`": `"$(sstring($_.UserName))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.EventID))`" }" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.LevelDisplayName))`", `"TimeGenerated`": `"$(sstring($_.TimeCreated))`", `"Source`": `"$(sstring($_.ProviderName))`", `"InstanceId`": `"$(sstring($_.Id))`", `"Message`": `"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`", `"UserName`": `"$(sstring($_.UserId))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.Id))`" }" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent <<<< -FilterXml $query.replace("{logname}",$logname).replace("{time}", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname "Application" -selector {$True} -max_age 24 -eventid "ApplicationEventLog"; }

+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception

+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand

2019-01-15 11:25:55,393 DEBUG zen.MicrosoftWindows:

2019-01-15 11:25:55,393 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,393 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,393 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,393 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to SEND_EVENTS

2019-01-15 11:25:55,394 DEBUG zen.zenpython: Queued event (total of 1) {'rcvtime': 1547576755.394024, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: successful event collection', 'eventKey': 'WindowsEventCollection: ApplicationEventLog'}

2019-01-15 11:25:55,394 DEBUG zen.zenpython: Queued event (total of 2) {'rcvtime': 1547576755.394196, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: No PowerShell errors during event collection', 'eventKey': 'EventLogPowerShell: ApplicationEventLog'}

2019-01-15 11:25:55,394 DEBUG zen.zenpython: Queued event (total of 3) {'rcvtime': 1547576755.394481, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.8'}

2019-01-15 11:25:55,396 DEBUG zen.zenpython: Queued event (total of 4) {'rcvtime': 1547576755.395964, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.8'}

2019-01-15 11:25:55,396 DEBUG zen.zenpython: Queued event (total of 5) {'rcvtime': 1547576755.396246, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': None, 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting ApplicationEventLog datasource', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>', 'components': '', 'device': '192.168.50.8', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'datasources': 'ApplicationEventLog'}

2019-01-15 11:25:55,396 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> finished, result: None

2019-01-15 11:25:55,396 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from SEND_EVENTS to IDLE

2019-01-15 11:25:55,406 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,406 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,406 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,406 DEBUG zen.MicrosoftWindows: EventLog Results: {'exit_code': 0,

'stderr': [u'Get-WinEvent : No events were found that match the specified selection criteria.',

u'At line:1 char:2642',

u'+ & { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return ""; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace("`r","").replace("`n"," "); $s = $s.replace(\'"\', \'\\\').replace("\\\'","\'"); $s = $s.replace("`t", " "); return "$($s)".replace(\'\\\',\'\\\\\').trim(); }; function EventLogToJSON { begin { $first = $True; \'[\' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.EntryType))`", `"TimeGenerated`": `"$(sstring($_.TimeGenerated))`", `"Source`": `"$(sstring($_.Source))`", `"InstanceId`": `"$(sstring($_.InstanceId))`", `"Message`": `"$(sstring($_.Message))`", `"UserName`": `"$(sstring($_.UserName))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.EventID))`" }" } end { \']\' } }; function EventLogRecordToJSON { begin { $first = $True; \'[\' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.LevelDisplayName))`", `"TimeGenerated`": `"$(sstring($_.TimeCreated))`", `"Source`": `"$(sstring($_.ProviderName))`", `"InstanceId`": `"$(sstring($_.Id))`", `"Message`": `"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`", `"UserName`": `"$(sstring($_.UserId))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.Id))`" }" } end { \']\' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\\SOFTWARE\\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\\SOFTWARE\\zenoss\\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\\SOFTWARE\\zenoss\\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem \'HKLM:\\software\\microsoft\\net framework setup\\ndp\'| % {$_.name.split(\'\\\')[5]} | ? { $_ -match \'v3.5|v[45].*\'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = \'<QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>\'; [Array]$events = Get-WinEvent <<<< -FilterXml $query.replace("{logname}",$logname).replace("{time}", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\\SOFTWARE\\zenoss\\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname "System" -selector {$True} -max_age 24 -eventid "SystemEventLog"; }',

u'+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception',

u'+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand'],

'stdout': []}

2019-01-15 11:25:55,406 DEBUG zen.MicrosoftWindows: 192.168.50.8: Event query error: Get-WinEvent : No events were found that match the specified selection criteria.

At line:1 char:2642

+ & { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return ""; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace("`r","").replace("`n"," "); $s = $s.replace('"', '\').replace("\'","'"); $s = $s.replace("`t", " "); return "$($s)".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.EntryType))`", `"TimeGenerated`": `"$(sstring($_.TimeGenerated))`", `"Source`": `"$(sstring($_.Source))`", `"InstanceId`": `"$(sstring($_.InstanceId))`", `"Message`": `"$(sstring($_.Message))`", `"UserName`": `"$(sstring($_.UserName))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.EventID))`" }" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = ""; $first = $False; } else { $separator = ","; } $separator + "{ `"EntryType`": `"$(sstring($_.LevelDisplayName))`", `"TimeGenerated`": `"$(sstring($_.TimeCreated))`", `"Source`": `"$(sstring($_.ProviderName))`", `"InstanceId`": `"$(sstring($_.Id))`", `"Message`": `"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`", `"UserName`": `"$(sstring($_.UserId))`", `"MachineName`": `"$(sstring($_.MachineName))`", `"EventID`": `"$(sstring($_.Id))`" }" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent <<<< -FilterXml $query.replace("{logname}",$logname).replace("{time}", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname "System" -selector {$True} -max_age 24 -eventid "SystemEventLog"; }

+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception

+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand

2019-01-15 11:25:55,406 DEBUG zen.MicrosoftWindows:

2019-01-15 11:25:55,406 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,406 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,407 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,407 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to SEND_EVENTS

2019-01-15 11:25:55,407 DEBUG zen.zenpython: Queued event (total of 6) {'rcvtime': 1547576755.407262, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: successful event collection', 'eventKey': 'WindowsEventCollection: SystemEventLog'}

2019-01-15 11:25:55,407 DEBUG zen.zenpython: Queued event (total of 7) {'rcvtime': 1547576755.407416, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: No PowerShell errors during event collection', 'eventKey': 'EventLogPowerShell: SystemEventLog'}

2019-01-15 11:25:55,407 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.8'}

2019-01-15 11:25:55,407 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.8'}

2019-01-15 11:25:55,408 DEBUG zen.zenpython: Queued event (total of 8) {'rcvtime': 1547576755.408049, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': None, 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting SystemEventLog datasource', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>', 'components': '', 'device': '192.168.50.8', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'datasources': 'SystemEventLog'}

2019-01-15 11:25:55,408 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> finished, result: None

2019-01-15 11:25:55,408 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from SEND_EVENTS to IDLE

2019-01-15 11:25:55,459 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,459 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,459 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,479 DEBUG zen.MicrosoftWindows: 192.168.50.8: Windows services query results: {EnumInfo(wql='select name, state, status, displayname from Win32_Service', resource_uri='http://schemas.microsoft.com/wbem/wsman/1/wmi/root/cimv2/*'): [

{ 'DisplayName': 'Application Experience',

'Name': 'AeLookupSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Application Layer Gateway Service',

'Name': 'ALG',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Application Host Helper Service',

'Name': 'AppHostSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Application Identity',

'Name': 'AppIDSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Application Information',

'Name': 'Appinfo',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Application Management',

'Name': 'AppMgmt',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'ASP.NET State Service',

'Name': 'aspnet_state',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Audio Endpoint Builder',

'Name': 'AudioEndpointBuilder',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Audio',

'Name': 'AudioSrv',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Base Filtering Engine',

'Name': 'BFE',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Background Intelligent Transfer Service',

'Name': 'BITS',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Computer Browser',

'Name': 'Browser',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Certificate Propagation',

'Name': 'CertPropSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft .NET Framework NGEN v2.0.50727_X86',

'Name': 'clr_optimization_v2.0.50727_32',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft .NET Framework NGEN v2.0.50727_X64',

'Name': 'clr_optimization_v2.0.50727_64',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft .NET Framework NGEN v4.0.30319_X86',

'Name': 'clr_optimization_v4.0.30319_32',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft .NET Framework NGEN v4.0.30319_X64',

'Name': 'clr_optimization_v4.0.30319_64',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'COM+ System Application',

'Name': 'COMSysApp',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Cryptographic Services',

'Name': 'CryptSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'DCOM Server Process Launcher',

'Name': 'DcomLaunch',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Disk Defragmenter',

'Name': 'defragsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'DHCP Client',

'Name': 'Dhcp',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Diagnostics Tracking Service',

'Name': 'DiagTrack',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'DNS Client',

'Name': 'Dnscache',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Wired AutoConfig',

'Name': 'dot3svc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Diagnostic Policy Service',

'Name': 'DPS',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Extensible Authentication Protocol',

'Name': 'EapHost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Encrypting File System (EFS)',

'Name': 'EFS',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Event Log',

'Name': 'eventlog',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'COM+ Event System',

'Name': 'EventSystem',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft Fibre Channel Platform Registration Service',

'Name': 'FCRegSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Function Discovery Provider Host',

'Name': 'fdPHost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Function Discovery Resource Publication',

'Name': 'FDResPub',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Font Cache Service',

'Name': 'FontCache',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Presentation Foundation Font Cache 3.0.0.0',

'Name': 'FontCache3.0.0.0',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Group Policy Client',

'Name': 'gpsvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Human Interface Device Access',

'Name': 'hidserv',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Health Key and Certificate Management',

'Name': 'hkmsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Network Policy Server',

'Name': 'IAS',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows CardSpace',

'Name': 'idsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Internet Explorer ETW Collector Service',

'Name': 'IEEtwCollectorService',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'IIS Admin Service',

'Name': 'IISADMIN',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'IKE and AuthIP IPsec Keying Modules',

'Name': 'IKEEXT',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'PnP-X IP Bus Enumerator',

'Name': 'IPBusEnum',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'IP Helper',

'Name': 'iphlpsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'CNG Key Isolation',

'Name': 'KeyIso',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'KtmRm for Distributed Transaction Coordinator',

'Name': 'KtmRm',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Server',

'Name': 'LanmanServer',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Workstation',

'Name': 'LanmanWorkstation',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Link-Layer Topology Discovery Mapper',

'Name': 'lltdsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'TCP/IP NetBIOS Helper',

'Name': 'lmhosts',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Multimedia Class Scheduler',

'Name': 'MMCSS',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Firewall',

'Name': 'MpsSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Distributed Transaction Coordinator',

'Name': 'MSDTC',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft iSCSI Initiator Service',

'Name': 'MSiSCSI',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Installer',

'Name': 'msiserver',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Network Access Protection Agent',

'Name': 'napagent',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Netlogon',

'Name': 'Netlogon',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Network Connections',

'Name': 'Netman',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Net.Msmq Listener Adapter',

'Name': 'NetMsmqActivator',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Net.Pipe Listener Adapter',

'Name': 'NetPipeActivator',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Network List Service',

'Name': 'netprofm',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Net.Tcp Listener Adapter',

'Name': 'NetTcpActivator',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Net.Tcp Port Sharing Service',

'Name': 'NetTcpPortSharing',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Network Location Awareness',

'Name': 'NlaSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Network Store Interface Service',

'Name': 'nsi',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Performance Counter DLL Host',

'Name': 'PerfHost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Performance Logs & Alerts',

'Name': 'pla',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Plug and Play',

'Name': 'PlugPlay',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'IPsec Policy Agent',

'Name': 'PolicyAgent',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Power', 'Name': 'Power', 'State': 'Running', 'Status': 'OK'},

{ 'DisplayName': 'User Profile Service',

'Name': 'ProfSvc',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Protected Storage',

'Name': 'ProtectedStorage',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Access Auto Connection Manager',

'Name': 'RasAuto',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Access Connection Manager',

'Name': 'RasMan',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Routing and Remote Access',

'Name': 'RemoteAccess',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Registry',

'Name': 'RemoteRegistry',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'RPC Endpoint Mapper',

'Name': 'RpcEptMapper',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'RPC/HTTP Load Balancing Service',

'Name': 'RPCHTTPLBS',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Remote Procedure Call (RPC) Locator',

'Name': 'RpcLocator',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Procedure Call (RPC)',

'Name': 'RpcSs',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Resultant Set of Policy Provider',

'Name': 'RSoPProv',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Special Administration Console Helper',

'Name': 'sacsvr',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Security Accounts Manager',

'Name': 'SamSs',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Smart Card',

'Name': 'SCardSvr',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Task Scheduler',

'Name': 'Schedule',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Smart Card Removal Policy',

'Name': 'SCPolicySvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Secondary Logon',

'Name': 'seclogon',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'System Event Notification Service',

'Name': 'SENS',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Remote Desktop Configuration',

'Name': 'SessionEnv',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Internet Connection Sharing (ICS)',

'Name': 'SharedAccess',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Shell Hardware Detection',

'Name': 'ShellHWDetection',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'SNMP Service',

'Name': 'SNMP',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'SNMP Trap',

'Name': 'SNMPTRAP',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Print Spooler',

'Name': 'Spooler',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Software Protection',

'Name': 'sppsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'SPP Notification Service',

'Name': 'sppuinotify',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'SSDP Discovery',

'Name': 'SSDPSRV',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Secure Socket Tunneling Protocol Service',

'Name': 'SstpSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Microsoft Software Shadow Copy Provider',

'Name': 'swprv',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Telephony',

'Name': 'TapiSrv',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Desktop Services',

'Name': 'TermService',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Thread Ordering Server',

'Name': 'THREADORDER',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Distributed Link Tracking Client',

'Name': 'TrkWks',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Modules Installer',

'Name': 'TrustedInstaller',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Desktop Gateway',

'Name': 'TSGateway',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Interactive Services Detection',

'Name': 'UI0Detect',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Remote Desktop Services UserMode Port Redirector',

'Name': 'UmRdpService',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'UPnP Device Host',

'Name': 'upnphost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Desktop Window Manager Session Manager',

'Name': 'UxSms',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Credential Manager',

'Name': 'VaultSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Virtual Disk',

'Name': 'vds',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Hyper-V Heartbeat Service',

'Name': 'vmicheartbeat',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Hyper-V Data Exchange Service',

'Name': 'vmickvpexchange',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Hyper-V Guest Shutdown Service',

'Name': 'vmicshutdown',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Hyper-V Time Synchronization Service',

'Name': 'vmictimesync',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Hyper-V Volume Shadow Copy Requestor',

'Name': 'vmicvss',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Volume Shadow Copy',

'Name': 'VSS',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Time',

'Name': 'W32Time',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'World Wide Web Publishing Service',

'Name': 'W3SVC',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Process Activation Service',

'Name': 'WAS',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Color System',

'Name': 'WcsPlugInService',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Diagnostic Service Host',

'Name': 'WdiServiceHost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Diagnostic System Host',

'Name': 'WdiSystemHost',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Event Collector',

'Name': 'Wecsvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Problem Reports and Solutions Control Panel Support',

'Name': 'wercplsupport',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Error Reporting Service',

'Name': 'WerSvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'WinHTTP Web Proxy Auto-Discovery Service',

'Name': 'WinHttpAutoProxySvc',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Management Instrumentation',

'Name': 'Winmgmt',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Remote Management (WS-Management)',

'Name': 'WinRM',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'WMI Performance Adapter',

'Name': 'wmiApSrv',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Portable Device Enumerator Service',

'Name': 'WPDBusEnum',

'State': 'Stopped',

'Status': 'OK'},

{ 'DisplayName': 'Windows Update',

'Name': 'wuauserv',

'State': 'Running',

'Status': 'OK'},

{ 'DisplayName': 'Windows Driver Foundation - User-mode Driver Framework',

'Name': 'wudfsvc',

'State': 'Stopped',

'Status': 'OK'}]}

2019-01-15 11:25:55,481 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,481 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from RUNNING to BLOCKING

2019-01-15 11:25:55,481 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from BLOCKING to RUNNING

2019-01-15 11:25:55,481 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from RUNNING to SEND_EVENTS

2019-01-15 11:25:55,481 DEBUG zen.zenpython: Queued event (total of 9) {'rcvtime': 1547576755.481806, 'severity': 0, 'service_name': 'IISADMIN', 'component': 'IISADMIN', 'agent': 'zenpython', 'summary': 'Service Recovered: IISADMIN has changed to Running state', 'manager': 'zenosscore.CC.local', 'service_status': 'OK', 'eventKey': 'WindowsService', 'device': '192.168.50.8', 'eventClass': '/Status/WinService', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'service_state': 'Running', 'monitor': 'localhost'}

2019-01-15 11:25:55,482 DEBUG zen.zenpython: Queued event (total of 10) {'rcvtime': 1547576755.48197, 'severity': 0, 'service_name': 'Netlogon', 'component': 'Netlogon', 'agent': 'zenpython', 'summary': 'Service Recovered: Netlogon has changed to Running state', 'manager': 'zenosscore.CC.local', 'service_status': 'OK', 'eventKey': 'WindowsService', 'device': '192.168.50.8', 'eventClass': '/Status/WinService', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'service_state': 'Running', 'monitor': 'localhost'}

2019-01-15 11:25:55,482 DEBUG zen.zenpython: Queued event (total of 11) {'rcvtime': 1547576755.482237, 'severity': 0, 'service_name': 'RpcSs', 'component': 'RpcSs', 'agent': 'zenpython', 'summary': 'Service Recovered: RpcSs has changed to Running state', 'manager': 'zenosscore.CC.local', 'service_status': 'OK', 'eventKey': 'WindowsService', 'device': '192.168.50.8', 'eventClass': '/Status/WinService', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'service_state': 'Running', 'monitor': 'localhost'}

2019-01-15 11:25:55,482 DEBUG zen.zenpython: Queued event (total of 12) {'rcvtime': 1547576755.482455, 'severity': 0, 'service_name': 'SamSs', 'component': 'SamSs', 'agent': 'zenpython', 'summary': 'Service Recovered: SamSs has changed to Running state', 'manager': 'zenosscore.CC.local', 'service_status': 'OK', 'eventKey': 'WindowsService', 'device': '192.168.50.8', 'eventClass': '/Status/WinService', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'service_state': 'Running', 'monitor': 'localhost'}

2019-01-15 11:25:55,482 DEBUG zen.zenpython: Queued event (total of 13) {'rcvtime': 1547576755.482676, 'severity': 0, 'agent': 'zenpython', 'summary': 'Windows Service Check: successful service collection', 'manager': 'zenosscore.CC.local', 'eventKey': 'WindowsServiceCollection', 'device': '192.168.50.8', 'eventClass': '/Status', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:55,482 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.8'}

2019-01-15 11:25:55,483 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.8'}

2019-01-15 11:25:55,483 DEBUG zen.zenpython: Queued event (total of 14) {'rcvtime': 1547576755.483223, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': '', 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting DefaultService datasource for multiple components', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin', 'components': 'IISADMIN,Netlogon,RpcSs,SamSs', 'device': '192.168.50.8', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'datasources': 'DefaultService'}

2019-01-15 11:25:55,483 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from SEND_EVENTS to STORE_PERF_DATA

2019-01-15 11:25:55,492 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/IISADMIN/state_state.rrd: 0.0, @ 1547576755

2019-01-15 11:25:55,493 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/Netlogon/state_state.rrd: 0.0, @ 1547576755

2019-01-15 11:25:55,502 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/RpcSs/state_state.rrd: 0.0, @ 1547576755

2019-01-15 11:25:55,502 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/SamSs/state_state.rrd: 0.0, @ 1547576755

2019-01-15 11:25:55,503 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin finished, result: None

2019-01-15 11:25:55,503 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin changing state from STORE_PERF_DATA to IDLE

2019-01-15 11:25:56,201 DEBUG zen.collector.scheduler: tasks to clean KeyedSet([<Products.ZenCollector.config.ConfigurationLoaderTask object at 0x664a350>])

2019-01-15 11:25:56,201 DEBUG zen.collector.scheduler: Cleanup on task configLoader <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x664a350>

2019-01-15 11:25:56,201 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=configLoader

2019-01-15 11:25:57,359 DEBUG zen.zenpython: Sending 14 events, 0 perf events, 0 heartbeats

2019-01-15 11:25:57,435 DEBUG zen.MicrosoftWindows: Get-Counter results: [(True, ([u'Readings : \\\\gateway\\logicaldisk(c:)\\% disk read time :', u'0', u'\\\\gateway\\logicaldisk(c:)\\% disk write time :', u'0.089997120092157', u'\\\\gateway\\logicaldisk(c:)\\disk read bytes/sec :', u'0', u'\\\\gateway\\logicaldisk(c:)\\disk write bytes/sec :', u'72952.4711497593', u'\\\\gateway\\logicaldisk(c:)\\free megabytes :', u'12940', u'\\\\gateway\\memory\\available bytes :', u'3268431872', u'\\\\gateway\\memory\\committed bytes :', u'990887936', u'\\\\gateway\\memory\\pages input/sec :', u'0', u'\\\\gateway\\memory\\pages output/sec :', u'0', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\bytes received/sec :', u'1676.47592028827', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\bytes sent/sec :', u'0', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\packets outbound errors :', u'0', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\packets received errors :', u'0', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\packets received/sec :', u'13.1369421119635', u'\\\\gateway\\network interface(microsoft virtual machine bus network adapter _3)\\packets sent/sec :', u'0', u'\\\\gateway\\paging file(_total)\\% usage :', u'0', u'\\\\gateway\\processor(_total)\\% privileged time :', u'0', u'\\\\gateway\\processor(_total)\\% processor time :', u'0.00319989760327877', u'\\\\gateway\\processor(_total)\\% user time :', u'0', u'\\\\gateway\\system\\system up time :', u'12731.229581'], []))]

2019-01-15 11:25:57,435 DEBUG zen.MicrosoftWindows: Windows Perfmon received Get-Counter data for 192.168.50.8

2019-01-15 11:25:57,435 DEBUG zen.MicrosoftWindows: Windows Perfmon starting data maintenance

2019-01-15 11:25:57,436 DEBUG zen.MicrosoftWindows: Windows Perfmon performing periodic data maintenance

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from RUNNING to BLOCKING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from BLOCKING to RUNNING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from RUNNING to BLOCKING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from BLOCKING to RUNNING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from RUNNING to BLOCKING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from BLOCKING to RUNNING

2019-01-15 11:25:57,436 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from RUNNING to SEND_EVENTS

2019-01-15 11:25:57,436 DEBUG zen.zenpython: Queued event (total of 1) {'rcvtime': 1547576757.436903, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'successfully started Get-Counter command(s)', 'eventKey': 'WindowsPerfmonCollection', 'ipAddress': '192.168.50.8'}

2019-01-15 11:25:57,437 DEBUG zen.zenpython: Queued event (total of 2) {'rcvtime': 1547576757.437082, 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': '0 counters missing in collection', 'eventKey': 'Windows Perfmon Missing Counters'}

2019-01-15 11:25:57,437 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.8'}

2019-01-15 11:25:57,437 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.8'}

2019-01-15 11:25:57,437 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.8', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Successful Perfmon Collection', 'eventKey': 'WindowsPerfmonCollection', 'ipAddress': '192.168.50.8'}

2019-01-15 11:25:57,437 DEBUG zen.zenpython: Queued event (total of 3) {'rcvtime': 1547576757.437878, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': '', 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting multiple datasources for multiple components', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.8 300 Windows Perfmon', 'components': '13-Microsoft Virtual Machine Bus Network Adapter _3,C', 'device': '192.168.50.8', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'datasources': 'DiskReadBytesSec,DiskReadTime,DiskWriteBytesSec,DiskWriteTime,FreeMegabytes,MemoryAvailableBytes,MemoryCommittedBytes,MemoryPagesInputSec,MemoryPagesOutputSec,PagingFileTotalUsage,ProcessorTotalPrivilegedTime,ProcessorTotalProcessorTime,ProcessorTotalUserTime,bytesReceivedSec,bytesSentSec,packetsReceivedErrors,packetsReceivedSec,packetsSentErrors,packetsSentSec,sysUpTime'}

2019-01-15 11:25:57,438 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from SEND_EVENTS to STORE_PERF_DATA

2019-01-15 11:25:57,446 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/MemoryAvailableBytes_MemoryAvailableBytes.rrd: 3268431872.0, @ 1547576757

2019-01-15 11:25:57,446 DEBUG zen.thresholds: Checking value 3268431872.0 on Devices/192.168.50.8/MemoryAvailableBytes_MemoryAvailableBytes

2019-01-15 11:25:57,460 DEBUG zen.MinMaxCheck: Checking MemoryAvailableBytes_MemoryAvailableBytes 3268431872.0 against min 429450035.2 and max None

2019-01-15 11:25:57,460 DEBUG zen.zenpython: Queued event (total of 4) {'rcvtime': 1547576757.460376, 'severity': 0, 'min': 429450035.20000005, 'max': None, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of Memory restored: current value 3268431872.000000', 'current': 3268431872.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|MemoryAvailableBytes_MemoryAvailableBytes|Memory', 'device': '192.168.50.8', 'eventClass': '/Perf/Memory', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,460 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/MemoryCommittedBytes_MemoryCommittedBytes.rrd: 990887936.0, @ 1547576757

2019-01-15 11:25:57,467 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/MemoryPagesInputSec_MemoryPagesInputSec.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,469 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/MemoryPagesOutputSec_MemoryPagesOutputSec.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,477 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/PagingFileTotalUsage_PagingFileTotalUsage.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,477 DEBUG zen.thresholds: Checking value 0.0 on Devices/192.168.50.8/PagingFileTotalUsage_PagingFileTotalUsage

2019-01-15 11:25:57,478 DEBUG zen.MinMaxCheck: Checking PagingFileTotalUsage_PagingFileTotalUsage 0.0 against min None and max 95

2019-01-15 11:25:57,478 DEBUG zen.zenpython: Queued event (total of 5) {'rcvtime': 1547576757.478252, 'severity': 0, 'min': None, 'max': 95, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of Paging File Usage restored: current value 0.000000', 'current': 0.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|PagingFileTotalUsage_PagingFileTotalUsage|Paging File Usage', 'device': '192.168.50.8', 'eventClass': '/Perf', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,483 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/ProcessorTotalPrivilegedTime_ProcessorTotalPrivilegedTime.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,512 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/ProcessorTotalProcessorTime_ProcessorTotalProcessorTime.rrd: 0.00319989760327877, @ 1547576757

2019-01-15 11:25:57,512 DEBUG zen.thresholds: Checking value 0.00319989760328 on Devices/192.168.50.8/ProcessorTotalProcessorTime_ProcessorTotalProcessorTime

2019-01-15 11:25:57,527 DEBUG zen.MinMaxCheck: Checking ProcessorTotalProcessorTime_ProcessorTotalProcessorTime 0.00319989760328 against min None and max 90

2019-01-15 11:25:57,527 DEBUG zen.zenpython: Queued event (total of 6) {'rcvtime': 1547576757.527439, 'severity': 0, 'min': None, 'max': 90, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of CPU Utilization restored: current value 0.003200', 'current': 0.00319989760327877, 'manager': 'zenosscore.CC.local', 'eventKey': '|ProcessorTotalProcessorTime_ProcessorTotalProcessorTime|CPU Utilization', 'device': '192.168.50.8', 'eventClass': '/Perf/CPU', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,528 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/ProcessorTotalUserTime_ProcessorTotalUserTime.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,535 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/sysUpTime_sysUpTime.rrd: 1273122.9581, @ 1547576757

2019-01-15 11:25:57,544 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/bytesReceivedSec_bytesReceivedSec.rrd: 1676.47592028827, @ 1547576757

2019-01-15 11:25:57,544 DEBUG zen.thresholds: Checking value 1676.47592029 on Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/bytesReceivedSec_bytesReceivedSec

2019-01-15 11:25:57,545 DEBUG zen.MinMaxCheck: Checking bytesReceivedSec_bytesReceivedSec 1676.47592029 against min None and max 937500000.0

2019-01-15 11:25:57,545 DEBUG zen.zenpython: Queued event (total of 7) {'rcvtime': 1547576757.54543, 'severity': 0, 'min': None, 'max': 937500000.0, 'component': '13-Microsoft Virtual Machine Bus Network Adapter _3', 'agent': 'zenpython', 'summary': 'threshold of high utilization restored: current value 1676.475920', 'current': 1676.47592028827, 'manager': 'zenosscore.CC.local', 'eventKey': '|bytesReceivedSec_bytesReceivedSec|high utilization', 'device': '192.168.50.8', 'eventClass': '/Status/Interface', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,545 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/bytesSentSec_bytesSentSec.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,546 DEBUG zen.thresholds: Checking value 0.0 on Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/bytesSentSec_bytesSentSec

2019-01-15 11:25:57,547 DEBUG zen.MinMaxCheck: Checking bytesSentSec_bytesSentSec 0.0 against min None and max 937500000.0

2019-01-15 11:25:57,547 DEBUG zen.zenpython: Queued event (total of 8) {'rcvtime': 1547576757.547157, 'severity': 0, 'min': None, 'max': 937500000.0, 'component': '13-Microsoft Virtual Machine Bus Network Adapter _3', 'agent': 'zenpython', 'summary': 'threshold of high utilization restored: current value 0.000000', 'current': 0.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|bytesSentSec_bytesSentSec|high utilization', 'device': '192.168.50.8', 'eventClass': '/Status/Interface', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,547 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/packetsReceivedErrors_packetsReceivedErrors.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,548 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/packetsReceivedSec_packetsReceivedSec.rrd: 13.1369421119635, @ 1547576757

2019-01-15 11:25:57,548 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/packetsSentErrors_packetsSentErrors.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,549 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/13-Microsoft Virtual Machine Bus Network Adapter _3/packetsSentSec_packetsSentSec.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,554 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/C/DiskReadBytesSec_DiskReadBytesSec.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,558 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/C/DiskReadTime_DiskReadTime.rrd: 0.0, @ 1547576757

2019-01-15 11:25:57,560 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/C/DiskWriteBytesSec_DiskWriteBytesSec.rrd: 72952.4711497593, @ 1547576757

2019-01-15 11:25:57,565 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/C/DiskWriteTime_DiskWriteTime.rrd: 0.089997120092157, @ 1547576757

2019-01-15 11:25:57,565 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.8/C/FreeMegabytes_FreeMegabytes.rrd: 12940.0, @ 1547576757

2019-01-15 11:25:57,565 DEBUG zen.thresholds: Checking value 12940.0 on Devices/192.168.50.8/C/FreeMegabytes_FreeMegabytes

2019-01-15 11:25:57,566 DEBUG zen.MinMaxCheck: Checking FreeMegabytes_FreeMegabytes 12940.0 against min 2810.75 and max None

2019-01-15 11:25:57,566 DEBUG zen.zenpython: Queued event (total of 9) {'rcvtime': 1547576757.566659, 'severity': 0, 'min': 2810.75, 'max': None, 'component': 'C', 'agent': 'zenpython', 'summary': 'threshold of low disk space restored: current value 12940.000000', 'current': 12940.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|FreeMegabytes_FreeMegabytes|low disk space', 'device': '192.168.50.8', 'eventClass': '/Perf/Filesystem', 'device_guid': '164e5184-f468-4d43-a662-288d73296f7c', 'monitor': 'localhost'}

2019-01-15 11:25:57,566 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon finished, result: None

2019-01-15 11:25:57,566 DEBUG zen.collector.scheduler: Task 192.168.50.8 300 Windows Perfmon changing state from STORE_PERF_DATA to IDLE

2019-01-15 11:25:57,567 INFO zen.zenpython: 1 devices processed (24 datapoints)

2019-01-15 11:25:57,567 INFO zen.collector.scheduler: Tasks: 5 Successful_Runs: 4 Failed_Runs: 0 Missed_Runs: 0 Queued_Tasks: 0 Running_Tasks: 1

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: In shutdown stage before

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{})

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: Removing task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin, *(), **{})

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: Removing task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin

2019-01-15 11:25:57,567 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{})

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Removing task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.8 300 Windows Perfmon

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.8 300 Windows Perfmon, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.8 300 Windows Perfmon, *(), **{})

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Removing task 192.168.50.8 300 Windows Perfmon

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Removing task configLoader

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: tasks to clean KeyedSet([<__main__.PythonCollectionTask object at 0x7544850>, <__main__.PythonCollectionTask object at 0x7544bd0>, <__main__.PythonCollectionTask object at 0x7544c50>, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x6653510>, <__main__.PythonCollectionTask object at 0x7544cd0>])

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.8 300 Windows Perfmon <__main__.PythonCollectionTask object at 0x7544850>

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=<DelayedCall 0x4bc55a8 [0.999966859818s] called=0 cancelled=0 PerfmonDataSourcePlugin.stop()> task.name=192.168.50.8 300 Windows Perfmon

2019-01-15 11:25:57,568 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> <__main__.PythonCollectionTask object at 0x7544bd0>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=192.168.50.8 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> <__main__.PythonCollectionTask object at 0x7544c50>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=192.168.50.8 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Cleanup on task configLoader <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x6653510>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=configLoader

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin <__main__.PythonCollectionTask object at 0x7544cd0>

2019-01-15 11:25:57,569 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=192.168.50.8 300 ZenPacks.zenoss.Microsoft.Windows.datasources.ServiceDataSource.ServicePlugin

2019-01-15 11:25:57,569 DEBUG zen.zenpython: Tried to stop reactor that was stopped

2019-01-15 11:25:57,569 INFO zen.zenpython: Daemon CollectorDaemon shutting down

2019-01-15 11:25:57,570 DEBUG zen.zenpython: Sending 9 events, 0 perf events, 0 heartbeats

2019-01-15 11:25:57,593 DEBUG zen.zenpython: Removing service EventService

2019-01-15 11:25:57,593 DEBUG zen.zenpython: Removing service ZenPacks.zenoss.PythonCollector.services.PythonConfig

2019-01-15 11:25:57,594 DEBUG zen.pbclientfactory: Lost connection to ::1:8789 - [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionLost'>: Connection to the other side was lost in a non-clean fashion: Connection lost.

]

2019-01-15 11:25:57,594 DEBUG zen.collector.scheduler: In shutdown stage during

2019-01-15 11:25:57,594 DEBUG zen.collector.scheduler: In shutdown stage after

2016


2019-01-15 11:30:38,414 INFO zen.python: plugins disabled by watchdog: []
2019-01-15 11:30:38,414 INFO zen.python: starting watchdog with 30.0s timeout
2019-01-15 11:30:38,414 DEBUG zen.watchdog: started
2019-01-15 11:30:38,415 DEBUG zen.zenpython: Starting PBDaemon initialization
2019-01-15 11:30:38,415 INFO zen.zenpython: Connecting to localhost:8789
2019-01-15 11:30:38,416 DEBUG zen.pbclientfactory: Starting connection...
2019-01-15 11:30:38,416 DEBUG zen.zenpython: Logging in as admin
2019-01-15 11:30:38,416 DEBUG zen.pbclientfactory: Connected
2019-01-15 11:30:38,416 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 11:30:38,419 DEBUG zen.pbclientfactory: Sending credentials
2019-01-15 11:30:38,421 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 11:30:38,421 INFO zen.zenpython: Connected to ZenHub
2019-01-15 11:30:38,422 DEBUG zen.zenpython: Setting up initial services: EventService, ZenPacks.zenoss.PythonCollector.services.PythonConfig
2019-01-15 11:30:38,422 DEBUG zen.zenpython: Chaining getInitialServices with d2
2019-01-15 11:30:38,422 DEBUG zen.pbclientfactory: pinging perspective
2019-01-15 11:30:38,423 DEBUG zen.zenpython: Loaded service EventService from zenhub
2019-01-15 11:30:38,423 DEBUG zen.zenpython: Loaded service ZenPacks.zenoss.PythonCollector.services.PythonConfig from zenhub
2019-01-15 11:30:38,423 DEBUG zen.zenpython: Queued event (total of 1) {'rcvtime': 1547577038.423872, 'severity': 0, 'component': 'zenpython', 'agent': 'zenpython', 'summary': 'started', 'manager': 'zenosscore.CC.local', 'device': 'localhost', 'eventClass': '/App/Start', 'monitor': 'localhost'}
2019-01-15 11:30:38,424 DEBUG zen.zenpython: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 11:30:38,424 DEBUG zen.zenpython: Calling connected.
2019-01-15 11:30:38,424 DEBUG zen.collector.config: Heartbeat timeout set to 900s
2019-01-15 11:30:38,424 DEBUG zen.collector.scheduler: add task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7300350> using 2592000 second interval
2019-01-15 11:30:38,425 DEBUG zen.zenpython: Performing periodic maintenance
2019-01-15 11:30:38,425 DEBUG zen.pbclientfactory: perspective ponged
2019-01-15 11:30:38,425 DEBUG zen.pbclientfactory: Cancelling ping timeout
2019-01-15 11:30:38,425 DEBUG zen.collector.scheduler: Task configLoader starting (waited 0 seconds) on 2592000 second intervals
2019-01-15 11:30:38,425 DEBUG zen.collector.scheduler: Task configLoader changing state from IDLE to QUEUED
2019-01-15 11:30:38,425 DEBUG zen.collector.scheduler: Task configLoader changing state from QUEUED to RUNNING
2019-01-15 11:30:38,425 DEBUG zen.collector.config: configLoader gathering configuration
2019-01-15 11:30:38,425 DEBUG zen.collector.config: Fetching daemon configuration properties
2019-01-15 11:30:38,439 DEBUG zen.collector.scheduler: Task configLoader changing state from RUNNING to FETCHING_MISC_CONFIG
2019-01-15 11:30:38,439 DEBUG zen.zenpython: Updated configCycleInterval preference to 360
2019-01-15 11:30:38,439 DEBUG zen.zenpython: Changing config task interval from 43200 to 360 minutes
2019-01-15 11:30:38,439 DEBUG zen.collector.scheduler: Stopping task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7300350>
2019-01-15 11:30:38,439 DEBUG zen.collector.scheduler: call finished LoopingCall<2592000>(CallableTask: configLoader, *(), **{}) : LoopingCall<2592000>(CallableTask: configLoader, *(), **{})
2019-01-15 11:30:38,439 INFO zen.collector.scheduler: Detailed Task Statistics:
configLoader Current State: FETCHING_MISC_CONFIG Successful_Runs: 1 Failed_Runs: 0 Missed_Runs: 0

Detailed Task States:
configLoader State: RUNNING Total: 1 Total Elapsed: 0.0136 Min: 0.0136 Max: 0.0136 Mean: 0.0136 StdDev: 0.0000
configLoader State: QUEUED Total: 1 Total Elapsed: 0.0002 Min: 0.0002 Max: 0.0002 Mean: 0.0002 StdDev: 0.0000


2019-01-15 11:30:38,440 DEBUG zen.collector.config: Heartbeat timeout set to 900s
2019-01-15 11:30:38,440 DEBUG zen.collector.scheduler: add task configLoader, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7309510> using 21600 second interval
2019-01-15 11:30:38,440 DEBUG zen.collector.config: Fetching threshold classes
2019-01-15 11:30:38,443 DEBUG zen.zenpython: Loading classes ['Products.ZenModel.MinMaxThreshold', 'Products.ZenModel.ValueChangeThreshold', 'ZenPacks.community.deviceAdvDetail.thresholds.StatusThreshold']
2019-01-15 11:30:38,444 DEBUG zen.collector.config: Fetching collector thresholds
2019-01-15 11:30:38,450 DEBUG zen.thresholds: Updating threshold ('high event queue', ('localhost collector', ''))
2019-01-15 11:30:38,451 DEBUG zen.thresholds: Updating threshold ('zenmodeler cycle time', ('localhost collector', ''))
2019-01-15 11:30:38,451 DEBUG zen.collector.config: Fetching configurations
2019-01-15 11:30:38,518 DEBUG zen.zenpython: updateDeviceConfigs: updatedConfigs=['192.168.50.14']
2019-01-15 11:30:38,518 DEBUG zen.zenpython: Processing configuration for 192.168.50.14
2019-01-15 11:30:38,519 DEBUG zen.daemon: DummyListener: configuration 192.168.50.14 added
2019-01-15 11:30:38,519 DEBUG zen.collector.tasks: Splitting config 192.168.50.14
2019-01-15 11:30:38,520 DEBUG zen.MicrosoftWindows: 192.168.50.14: Windows Perfmon Creating 1 long running command(s)
2019-01-15 11:30:38,521 DEBUG zen.zenpython: Tasks for config 192.168.50.14: {'192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>': <__main__.PythonCollectionTask object at 0x80deb10>, '192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>': <__main__.PythonCollectionTask object at 0x5e5e9d0>, '192.168.50.14 300 Windows Perfmon': <__main__.PythonCollectionTask object at 0x5e5ec90>}
2019-01-15 11:30:38,521 DEBUG zen.collector.scheduler: add task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, <__main__.PythonCollectionTask object at 0x80deb10> using 300 second interval
2019-01-15 11:30:38,521 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.14', ''))
2019-01-15 11:30:38,521 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.14', ''))
2019-01-15 11:30:38,521 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.14', ''))
2019-01-15 11:30:38,521 DEBUG zen.collector.scheduler: add task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, <__main__.PythonCollectionTask object at 0x5e5e9d0> using 300 second interval
2019-01-15 11:30:38,521 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.14', ''))
2019-01-15 11:30:38,521 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.14', ''))
2019-01-15 11:30:38,522 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.14', ''))
2019-01-15 11:30:38,522 DEBUG zen.collector.scheduler: add task 192.168.50.14 300 Windows Perfmon, <__main__.PythonCollectionTask object at 0x5e5ec90> using 300 second interval
2019-01-15 11:30:38,522 DEBUG zen.thresholds: Updating threshold ('CPU Utilization', ('192.168.50.14', ''))
2019-01-15 11:30:38,522 DEBUG zen.thresholds: Updating threshold ('Memory', ('192.168.50.14', ''))
2019-01-15 11:30:38,522 DEBUG zen.thresholds: Updating threshold ('Paging File Usage', ('192.168.50.14', ''))
2019-01-15 11:30:38,522 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> starting (waited 0 seconds) on 300 second intervals
2019-01-15 11:30:38,522 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from IDLE to QUEUED
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> starting (waited 0 seconds) on 300 second intervals
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from IDLE to QUEUED
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon starting (waited 0 seconds) on 300 second intervals
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from IDLE to QUEUED
2019-01-15 11:30:38,523 DEBUG zen.zenpython: purgeOmittedDevices: deletedConfigs=
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task configLoader finished, result: 'Configuration loaded'
2019-01-15 11:30:38,523 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from QUEUED to RUNNING
2019-01-15 11:30:38,524 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:38,524 DEBUG zen.MicrosoftWindows: 192.168.50.14 Start Collection of Events
2019-01-15 11:30:38,524 DEBUG zen.MicrosoftWindows: sending event script: "& { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return \"\"; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace(\"`r\",\"\").replace(\"`n\",\" \"); $s = $s.replace('\"', '\\"').replace(\"\'\",\"'\"); $s = $s.replace(\"`t\", \" \"); return \"$($s)\".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.EntryType))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeGenerated))`\", `\"Source`\": `\"$(sstring($_.Source))`\", `\"InstanceId`\": `\"$(sstring($_.InstanceId))`\", `\"Message`\": `\"$(sstring($_.Message))`\", `\"UserName`\": `\"$(sstring($_.UserName))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.EventID))`\" }\" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.LevelDisplayName))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeCreated))`\", `\"Source`\": `\"$(sstring($_.ProviderName))`\", `\"InstanceId`\": `\"$(sstring($_.Id))`\", `\"Message`\": `\"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`\", `\"UserName`\": `\"$(sstring($_.UserId))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.Id))`\" }\" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path=\"Application\" Id=\"0\"> <Select Path=\"Application\">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent -FilterXml $query.replace(\"{logname}\",$logname).replace(\"{time}\", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname \"Application\" -selector {$True} -max_age 24 -eventid \"ApplicationEventLog\"; }"
2019-01-15 11:30:38,525 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:38,525 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from QUEUED to RUNNING
2019-01-15 11:30:38,526 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:38,526 DEBUG zen.MicrosoftWindows: 192.168.50.14 Start Collection of Events
2019-01-15 11:30:38,526 DEBUG zen.MicrosoftWindows: sending event script: "& { $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size(4096, 1024); function sstring($s) { if ($s -eq $null) { return \"\"; }; if ($s.GetType() -eq [System.Security.Principal.SecurityIdentifier]) { [String]$s = $s.Translate( [System.Security.Principal.NTAccount]); } elseif ($s.GetType() -ne [String]) { [String]$s = $s; }; $s = $s.replace(\"`r\",\"\").replace(\"`n\",\" \"); $s = $s.replace('\"', '\\"').replace(\"\'\",\"'\"); $s = $s.replace(\"`t\", \" \"); return \"$($s)\".replace('\','\\').trim(); }; function EventLogToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.EntryType))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeGenerated))`\", `\"Source`\": `\"$(sstring($_.Source))`\", `\"InstanceId`\": `\"$(sstring($_.InstanceId))`\", `\"Message`\": `\"$(sstring($_.Message))`\", `\"UserName`\": `\"$(sstring($_.UserName))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.EventID))`\" }\" } end { ']' } }; function EventLogRecordToJSON { begin { $first = $True; '[' } process { if ($first) { $separator = \"\"; $first = $False; } else { $separator = \",\"; } $separator + \"{ `\"EntryType`\": `\"$(sstring($_.LevelDisplayName))`\", `\"TimeGenerated`\": `\"$(sstring($_.TimeCreated))`\", `\"Source`\": `\"$(sstring($_.ProviderName))`\", `\"InstanceId`\": `\"$(sstring($_.Id))`\", `\"Message`\": `\"$(if ($_.Message){$(sstring($_.Message))}else{$(sstring($_.FormatDescription()))})`\", `\"UserName`\": `\"$(sstring($_.UserId))`\", `\"MachineName`\": `\"$(sstring($_.MachineName))`\", `\"EventID`\": `\"$(sstring($_.Id))`\" }\" } end { ']' } }; function get_new_recent_entries($logname, $selector, $max_age, $eventid) { $x=New-Item HKCU:\SOFTWARE\zenoss -ea SilentlyContinue; $x=New-Item HKCU:\SOFTWARE\zenoss\logs -ea SilentlyContinue; $last_read = Get-ItemProperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -ea SilentlyContinue; [DateTime]$yesterday = (Get-Date).AddHours(-$max_age); [DateTime]$after = $yesterday; if ($last_read) { $last_read = [DateTime]$last_read.$eventid; if ($last_read -gt $yesterday) { $after = $last_read; }; }; $win2003 = [environment]::OSVersion.Version.Major -lt 6; $dotnets = Get-ChildItem 'HKLM:\software\microsoft\net framework setup\ndp'| % {$_.name.split('\')[5]} | ? { $_ -match 'v3.5|v[45].*'}; if ($win2003 -eq $false -and $dotnets -ne $null) { $query = '<QueryList> <Query Path=\"System\" Id=\"0\"> <Select Path=\"System\">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>'; [Array]$events = Get-WinEvent -FilterXml $query.replace(\"{logname}\",$logname).replace(\"{time}\", ((Get-Date) - $after).TotalMilliseconds); } else { [Array]$events = Get-EventLog -After $after -LogName $logname; }; [DateTime]$last_read = get-date; Set-Itemproperty -Path HKCU:\SOFTWARE\zenoss\logs -Name $eventid -Value ([String]$last_read); if ($events -eq $null) { return; }; if($events) { [Array]::Reverse($events); }; if ($win2003 -and $dotnets -eq $null) { @($events | ? $selector) | EventLogToJSON } else { @($events | ? $selector) | EventLogRecordToJSON } }; get_new_recent_entries -logname \"System\" -selector {$True} -max_age 24 -eventid \"SystemEventLog\"; }"
2019-01-15 11:30:38,526 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:38,526 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from QUEUED to RUNNING
2019-01-15 11:30:38,527 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from RUNNING to BLOCKING
2019-01-15 11:30:38,527 DEBUG zen.MicrosoftWindows: Windows Perfmon starting Get-Counter on 192.168.50.14
2019-01-15 11:30:38,527 DEBUG zen.MicrosoftWindows: 192.168.50.14: Starting Perfmon collection script: "& {[System.Console]::OutputEncoding = New-Object System.Text.UTF8Encoding($False); $FormatEnumerationLimit = -1; $Host.UI.RawUI.BufferSize = New-Object Management.Automation.Host.Size (4096, 1024); get-counter -ea silentlycontinue -SampleInterval 1 -MaxSamples 1 -counter @(('\memory\available bytes'),('\memory\committed bytes'),('\memory\pages input/sec'),('\memory\pages output/sec'),('\paging file(_total)\% usage'),('\processor(_total)\% privileged time'),('\processor(_total)\% processor time'),('\processor(_total)\% user time'),('\system\system up time')) | Format-List -Property Readings; }"
2019-01-15 11:30:38,527 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,705 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,705 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,705 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,706 DEBUG zen.MicrosoftWindows: EventLog Results: {'exit_code': 0,
'stderr': [u'Get-WinEvent : No events were found that match the specified selection criteria.',
u'At line:1 char:2640',
u'+ ... y]$events = Get-WinEvent -FilterXml $query.replace("{logname}",$logna ...',
u'+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~',
u'+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception',
u'+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand'],
'stdout': []}
2019-01-15 11:30:39,706 DEBUG zen.MicrosoftWindows: 192.168.50.14: Event query error: Get-WinEvent : No events were found that match the specified selection criteria.
At line:1 char:2640
+ ... y]$events = Get-WinEvent -FilterXml $query.replace("{logname}",$logna ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception
+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand
2019-01-15 11:30:39,706 DEBUG zen.MicrosoftWindows:
2019-01-15 11:30:39,706 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,706 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,706 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,706 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to SEND_EVENTS
2019-01-15 11:30:39,707 DEBUG zen.zenpython: Queued event (total of 1) {'rcvtime': 1547577039.706994, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: successful event collection', 'eventKey': 'WindowsEventCollection: ApplicationEventLog'}
2019-01-15 11:30:39,707 DEBUG zen.zenpython: Queued event (total of 2) {'rcvtime': 1547577039.707166, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: No PowerShell errors during event collection', 'eventKey': 'EventLogPowerShell: ApplicationEventLog'}
2019-01-15 11:30:39,707 DEBUG zen.zenpython: Queued event (total of 3) {'rcvtime': 1547577039.707451, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.14'}
2019-01-15 11:30:39,707 DEBUG zen.zenpython: Queued event (total of 4) {'rcvtime': 1547577039.707673, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.14'}
2019-01-15 11:30:39,707 DEBUG zen.zenpython: Queued event (total of 5) {'rcvtime': 1547577039.707885, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': None, 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting ApplicationEventLog datasource', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>', 'components': '', 'device': '192.168.50.14', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'datasources': 'ApplicationEventLog'}
2019-01-15 11:30:39,708 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> finished, result: None
2019-01-15 11:30:39,708 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from SEND_EVENTS to IDLE
2019-01-15 11:30:39,758 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,758 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,758 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,758 DEBUG zen.MicrosoftWindows: EventLog Results: {'exit_code': 0,
'stderr': [u'Get-WinEvent : No events were found that match the specified selection criteria.',
u'At line:1 char:2630',
u'+ ... y]$events = Get-WinEvent -FilterXml $query.replace("{logname}",$logna ...',
u'+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~',
u'+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception',
u'+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand'],
'stdout': []}
2019-01-15 11:30:39,758 DEBUG zen.MicrosoftWindows: 192.168.50.14: Event query error: Get-WinEvent : No events were found that match the specified selection criteria.
At line:1 char:2630
+ ... y]$events = Get-WinEvent -FilterXml $query.replace("{logname}",$logna ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (:) [Get-WinEvent], Exception
+ FullyQualifiedErrorId : NoMatchingEventsFound,Microsoft.PowerShell.Commands.GetWinEventCommand
2019-01-15 11:30:39,758 DEBUG zen.MicrosoftWindows:
2019-01-15 11:30:39,758 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,759 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to BLOCKING
2019-01-15 11:30:39,759 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from BLOCKING to RUNNING
2019-01-15 11:30:39,759 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from RUNNING to SEND_EVENTS
2019-01-15 11:30:39,759 DEBUG zen.zenpython: Queued event (total of 6) {'rcvtime': 1547577039.759296, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: successful event collection', 'eventKey': 'WindowsEventCollection: SystemEventLog'}
2019-01-15 11:30:39,759 DEBUG zen.zenpython: Queued event (total of 7) {'rcvtime': 1547577039.759449, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'WindowsEventLogSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'monitor': 'localhost', 'severity': 0, 'summary': 'Windows EventLog: No PowerShell errors during event collection', 'eventKey': 'EventLogPowerShell: SystemEventLog'}
2019-01-15 11:30:39,759 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.14'}
2019-01-15 11:30:39,759 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.14'}
2019-01-15 11:30:39,760 DEBUG zen.zenpython: Queued event (total of 8) {'rcvtime': 1547577039.760076, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': None, 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting SystemEventLog datasource', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>', 'components': '', 'device': '192.168.50.14', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'datasources': 'SystemEventLog'}
2019-01-15 11:30:39,760 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> finished, result: None
2019-01-15 11:30:39,760 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> changing state from SEND_EVENTS to IDLE
2019-01-15 11:30:40,736 DEBUG zen.MicrosoftWindows: Get-Counter results: [(True, ([u'Readings : \\\\davinci\\memory\\available bytes :', u'11295133696', u'\\\\davinci\\memory\\committed bytes :', u'6036549632', u'\\\\davinci\\memory\\pages input/sec :', u'0', u'\\\\davinci\\memory\\pages output/sec :', u'0', u'\\\\davinci\\paging file(_total)\\% usage :', u'0', u'\\\\davinci\\processor(_total)\\% privileged time :', u'11.3269837092486', u'\\\\davinci\\processor(_total)\\% processor time :', u'12.5088541039647', u'\\\\davinci\\processor(_total)\\% user time :', u'1.17175141875642', u'\\\\davinci\\system\\system up time :', u'1030423.1333304'], []))]
2019-01-15 11:30:40,736 DEBUG zen.MicrosoftWindows: Windows Perfmon received Get-Counter data for 192.168.50.14
2019-01-15 11:30:40,737 DEBUG zen.MicrosoftWindows: Windows Perfmon starting data maintenance
2019-01-15 11:30:40,737 DEBUG zen.MicrosoftWindows: Windows Perfmon performing periodic data maintenance
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from RUNNING to BLOCKING
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from BLOCKING to RUNNING
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from RUNNING to BLOCKING
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from BLOCKING to RUNNING
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from RUNNING to BLOCKING
2019-01-15 11:30:40,737 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from BLOCKING to RUNNING
2019-01-15 11:30:40,738 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from RUNNING to SEND_EVENTS
2019-01-15 11:30:40,738 DEBUG zen.zenpython: Queued event (total of 9) {'rcvtime': 1547577040.738128, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'successfully started Get-Counter command(s)', 'eventKey': 'WindowsPerfmonCollection', 'ipAddress': '192.168.50.14'}
2019-01-15 11:30:40,738 DEBUG zen.zenpython: Queued event (total of 10) {'rcvtime': 1547577040.738299, 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': '0 counters missing in collection', 'eventKey': 'Windows Perfmon Missing Counters'}
2019-01-15 11:30:40,738 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'AuthenticationSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm/Auth', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Authentication Successful', 'eventKey': 'Authentication|192.168.50.14'}
2019-01-15 11:30:40,738 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'eventClassKey': 'KerberosSuccess', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Kerberos', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'No Kerberos failures', 'eventKey': 'Kerberos|192.168.50.14'}
2019-01-15 11:30:40,738 DEBUG zen.zenpython: allowduplicateclears dropping clear event {'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'agent': 'zenpython', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'plugin_classname': 'ZenPacks.zenoss.Microsoft.Windows.datasources.PerfmonDataSource.PerfmonDataSourcePlugin', 'severity': 0, 'monitor': 'localhost', 'summary': 'Successful Perfmon Collection', 'eventKey': 'WindowsPerfmonCollection', 'ipAddress': '192.168.50.14'}
2019-01-15 11:30:40,739 DEBUG zen.zenpython: Queued event (total of 11) {'rcvtime': 1547577040.739124, 'severity': 0, 'eventClassKey': 'zenpython-timeout', 'component': None, 'monitor': 'localhost', 'agent': 'zenpython', 'summary': 'timeout collecting multiple datasources', 'manager': 'zenosscore.CC.local', 'eventKey': 'zenpython-timeout|192.168.50.14 300 Windows Perfmon', 'components': '', 'device': '192.168.50.14', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'datasources': 'MemoryAvailableBytes,MemoryCommittedBytes,MemoryPagesInputSec,MemoryPagesOutputSec,PagingFileTotalUsage,ProcessorTotalPrivilegedTime,ProcessorTotalProcessorTime,ProcessorTotalUserTime,sysUpTime'}
2019-01-15 11:30:40,739 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from SEND_EVENTS to STORE_PERF_DATA
2019-01-15 11:30:40,752 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/MemoryAvailableBytes_MemoryAvailableBytes.rrd: 11295133696.0, @ 1547577040
2019-01-15 11:30:40,752 DEBUG zen.thresholds: Checking value 11295133696.0 on Devices/192.168.50.14/MemoryAvailableBytes_MemoryAvailableBytes
2019-01-15 11:30:40,752 DEBUG zen.MinMaxCheck: Checking MemoryAvailableBytes_MemoryAvailableBytes 11295133696.0 against min 0.0 and max None
2019-01-15 11:30:40,753 DEBUG zen.zenpython: Queued event (total of 12) {'rcvtime': 1547577040.752978, 'severity': 0, 'min': 0.0, 'max': None, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of Memory restored: current value 11295133696.000000', 'current': 11295133696.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|MemoryAvailableBytes_MemoryAvailableBytes|Memory', 'device': '192.168.50.14', 'eventClass': '/Perf/Memory', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'monitor': 'localhost'}
2019-01-15 11:30:40,770 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/MemoryCommittedBytes_MemoryCommittedBytes.rrd: 6036549632.0, @ 1547577040
2019-01-15 11:30:40,771 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/MemoryPagesInputSec_MemoryPagesInputSec.rrd: 0.0, @ 1547577040
2019-01-15 11:30:40,774 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/MemoryPagesOutputSec_MemoryPagesOutputSec.rrd: 0.0, @ 1547577040
2019-01-15 11:30:40,775 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/PagingFileTotalUsage_PagingFileTotalUsage.rrd: 0.0, @ 1547577040
2019-01-15 11:30:40,775 DEBUG zen.thresholds: Checking value 0.0 on Devices/192.168.50.14/PagingFileTotalUsage_PagingFileTotalUsage
2019-01-15 11:30:40,775 DEBUG zen.MinMaxCheck: Checking PagingFileTotalUsage_PagingFileTotalUsage 0.0 against min None and max 95
2019-01-15 11:30:40,775 DEBUG zen.zenpython: Queued event (total of 13) {'rcvtime': 1547577040.775542, 'severity': 0, 'min': None, 'max': 95, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of Paging File Usage restored: current value 0.000000', 'current': 0.0, 'manager': 'zenosscore.CC.local', 'eventKey': '|PagingFileTotalUsage_PagingFileTotalUsage|Paging File Usage', 'device': '192.168.50.14', 'eventClass': '/Perf', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'monitor': 'localhost'}
2019-01-15 11:30:40,776 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/ProcessorTotalPrivilegedTime_ProcessorTotalPrivilegedTime.rrd: 11.3269837092486, @ 1547577040
2019-01-15 11:30:40,776 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/ProcessorTotalProcessorTime_ProcessorTotalProcessorTime.rrd: 12.5088541039647, @ 1547577040
2019-01-15 11:30:40,776 DEBUG zen.thresholds: Checking value 12.508854104 on Devices/192.168.50.14/ProcessorTotalProcessorTime_ProcessorTotalProcessorTime
2019-01-15 11:30:40,776 DEBUG zen.MinMaxCheck: Checking ProcessorTotalProcessorTime_ProcessorTotalProcessorTime 12.508854104 against min None and max 90
2019-01-15 11:30:40,777 DEBUG zen.zenpython: Queued event (total of 14) {'rcvtime': 1547577040.777064, 'severity': 0, 'min': None, 'max': 90, 'component': None, 'agent': 'zenpython', 'summary': 'threshold of CPU Utilization restored: current value 12.508854', 'current': 12.5088541039647, 'manager': 'zenosscore.CC.local', 'eventKey': '|ProcessorTotalProcessorTime_ProcessorTotalProcessorTime|CPU Utilization', 'device': '192.168.50.14', 'eventClass': '/Perf/CPU', 'device_guid': '2b95d828-2994-4247-b2c9-d74208d5154f', 'monitor': 'localhost'}
2019-01-15 11:30:40,777 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/ProcessorTotalUserTime_ProcessorTotalUserTime.rrd: 1.17175141875642, @ 1547577040
2019-01-15 11:30:40,778 DEBUG zen.RRDUtil: /opt/zenoss/perf/Devices/192.168.50.14/sysUpTime_sysUpTime.rrd: 103042313.333, @ 1547577040
2019-01-15 11:30:40,778 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon finished, result: None
2019-01-15 11:30:40,778 DEBUG zen.collector.scheduler: Task 192.168.50.14 300 Windows Perfmon changing state from STORE_PERF_DATA to IDLE
2019-01-15 11:30:40,778 INFO zen.zenpython: 1 devices processed (9 datapoints)
2019-01-15 11:30:40,778 INFO zen.collector.scheduler: Tasks: 4 Successful_Runs: 3 Failed_Runs: 0 Missed_Runs: 0 Queued_Tasks: 0 Running_Tasks: 1
2019-01-15 11:30:40,778 DEBUG zen.collector.scheduler: In shutdown stage before
2019-01-15 11:30:40,778 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{})
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Removing task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>, *(), **{})
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Removing task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Stopping running task 192.168.50.14 300 Windows Perfmon
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: call finished LoopingCall<300>(CallableTask: 192.168.50.14 300 Windows Perfmon, *(), **{}) : LoopingCall<300>(CallableTask: 192.168.50.14 300 Windows Perfmon, *(), **{})
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Removing task 192.168.50.14 300 Windows Perfmon
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Removing task configLoader
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: tasks to clean KeyedSet([<__main__.PythonCollectionTask object at 0x80deb10>, <__main__.PythonCollectionTask object at 0x5e5ec90>, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7300350>, <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7309510>, <__main__.PythonCollectionTask object at 0x5e5e9d0>])
2019-01-15 11:30:40,779 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> <__main__.PythonCollectionTask object at 0x80deb10>
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=192.168.50.14 300 ApplicationEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin Application <QueryList> <Query Path="Application" Id="0"> <Select Path="Application">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.14 300 Windows Perfmon <__main__.PythonCollectionTask object at 0x5e5ec90>
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=<DelayedCall 0x7e5eb90 [0.999969005585s] called=0 cancelled=0 PerfmonDataSourcePlugin.stop()> task.name=192.168.50.14 300 Windows Perfmon
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Cleanup on task configLoader <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7300350>
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=configLoader
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Cleanup on task configLoader <Products.ZenCollector.config.ConfigurationLoaderTask object at 0x7309510>
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=configLoader
2019-01-15 11:30:40,780 DEBUG zen.collector.scheduler: Cleanup on task 192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList> <__main__.PythonCollectionTask object at 0x5e5e9d0>
2019-01-15 11:30:40,781 DEBUG zen.collector.scheduler: Scheduler._cleanupTaskComplete: result=None task.name=192.168.50.14 300 SystemEventLog ZenPacks.zenoss.Microsoft.Windows.datasources.EventLogDataSource.EventLogPlugin System <QueryList> <Query Path="System" Id="0"> <Select Path="System">*[System[TimeCreated[timediff(@SystemTime) &lt;= {time}] and (Level=1 or Level=2 or Level=3)]]</Select> </Query> </QueryList>
2019-01-15 11:30:40,781 DEBUG zen.zenpython: Tried to stop reactor that was stopped
2019-01-15 11:30:40,781 INFO zen.zenpython: Daemon CollectorDaemon shutting down
2019-01-15 11:30:40,781 DEBUG zen.zenpython: Sending 14 events, 0 perf events, 0 heartbeats
2019-01-15 11:30:40,810 DEBUG zen.zenpython: Removing service EventService
2019-01-15 11:30:40,810 DEBUG zen.zenpython: Removing service ZenPacks.zenoss.PythonCollector.services.PythonConfig
2019-01-15 11:30:40,810 DEBUG zen.pbclientfactory: Lost connection to ::1:8789 - [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionLost'>: Connection to the other side was lost in a non-clean fashion: Connection lost.
]
2019-01-15 11:30:40,810 DEBUG zen.collector.scheduler: In shutdown stage during
2019-01-15 11:30:40,811 DEBUG zen.collector.scheduler: In shutdown stage after




------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Jane Curry
Posted: 2019-01-15 15:47

So under your 2016 output, I see there is a line with:

2019-01-15 11:30:40,736 DEBUG zen.MicrosoftWindows: Get-Counter results: [(True, ([u'Readings : \\\\davinci\\memory\\available bytes :', u'11295133696', u'\\\\davinci\\memory\\committed bytes :', u'6036549632', u'\\\\davinci\\memory\\pages input/sec :', u'0', u'\\\\davinci\\memory\\pages output/sec :', u'0', u'\\\\davinci\\paging file(_total)\\% usage :', u'0', u'\\\\davinci\\processor(_total)\\% privileged time :', u'11.3269837092486', u'\\\\davinci\\processor(_total)\\% processor time :', u'12.5088541039647', u'\\\\davinci\\processor(_total)\\% user time :', u'1.17175141875642', u'\\\\davinci\\system\\system up time :', u'1030423.1333304'], []))]

So you are definitely getting responses from the device for those values.  That should eliminate fundamental communications and kerberos issues.

You can also see lines with zen.RRDUtil in them that shows where data is actually stored away.  I hope that you ARE seeing values for memory, paging and cpu for this device in your graphs?

I guess the next question is whether it should be collecting other stuff for this device?  Has it managed to create Service components and Filesystem components?  If not, then you wouldn't expect to see queries in this output to gather performance stats and we need to go back to why the modeler has failed.

Did you try running the modeler in debug against a specific device for a particular plugin?  Try limiting it with --collect=zenoss.winrm.FileSystems . Redirect output to a file and see what you get there.

Cheers,
Jane

------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 16:09

Yep, I do get values in the graph for the Server 2016 computer

It should be collecting the other stuff should it not? I should be able to see components just like the 2008 servers, Windows Services, Files Systems, Processors and Interfaces. 

Here's a screenshot of a 2008r2 device, both with the older 2.6.12 zenpack and the latest zenpack. Notice the components, it's been this way since I've started using zenoss
https://drive.google.com/file/d/11RM2G9kSKWltuSmZA1zakrKzWSZw3QW3/view?usp=sharing


Here's a screenshot of the 2016 server under the same device class when using the latest zenpack. No components
https://drive.google.com/file/d/1z1z3yiiwjpyG00LwawHyKPAPhD0BAUb0/view?usp=sharing

I ran  zenmodeler run -v 10 -d 192.168.50.14 --collect=zenoss.winrm.FileSystems > /tmp/zenmodeler.out 2>&1 against the 2016 server, here's the output

2019-01-15 14:00:16,242 DEBUG zen.ZenModeler: Run in foreground, starting immediately.
2019-01-15 14:00:16,242 DEBUG zen.ZenModeler: Starting PBDaemon initialization
2019-01-15 14:00:16,242 INFO zen.ZenModeler: Connecting to localhost:8789
2019-01-15 14:00:16,242 DEBUG zen.pbclientfactory: Starting connection...
2019-01-15 14:00:16,243 DEBUG zen.ZenModeler: Logging in as admin
2019-01-15 14:00:16,243 DEBUG zen.pbclientfactory: Connected
2019-01-15 14:00:16,243 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 14:00:16,243 DEBUG zen.pbclientfactory: Sending credentials
2019-01-15 14:00:16,245 DEBUG zen.pbclientfactory: Cancelling connect timeout
2019-01-15 14:00:16,245 INFO zen.ZenModeler: Connected to ZenHub
2019-01-15 14:00:16,246 DEBUG zen.ZenModeler: Setting up initial services: EventService, ModelerService
2019-01-15 14:00:16,246 DEBUG zen.ZenModeler: Chaining getInitialServices with d2
2019-01-15 14:00:16,246 DEBUG zen.pbclientfactory: pinging perspective
2019-01-15 14:00:16,247 DEBUG zen.ZenModeler: Loaded service EventService from zenhub
2019-01-15 14:00:16,247 DEBUG zen.ZenModeler: Loaded service ModelerService from zenhub
2019-01-15 14:00:16,247 DEBUG zen.ZenModeler: Queued event (total of 1) {'rcvtime': 1547586016.247781, 'severity': 0, 'component': 'zenmodeler', 'agent': 'zenmodeler', 'summary': 'started', 'manager': 'zenosscore.CC.local', 'device': 'localhost', 'eventClass': '/App/Start', 'monitor': 'localhost'}
2019-01-15 14:00:16,248 DEBUG zen.ZenModeler: Sending 1 events, 0 perf events, 0 heartbeats
2019-01-15 14:00:16,248 DEBUG zen.ZenModeler: Calling connected.
2019-01-15 14:00:16,248 DEBUG zen.ZenModeler: fetching monitor properties
2019-01-15 14:00:16,248 DEBUG zen.pbclientfactory: perspective ponged
2019-01-15 14:00:16,248 DEBUG zen.pbclientfactory: Cancelling ping timeout
2019-01-15 14:00:16,254 DEBUG zen.ZenModeler: Getting threshold classes...
2019-01-15 14:00:16,297 DEBUG zen.ZenModeler: Loading classes ['Products.ZenModel.MinMaxThreshold', 'Products.ZenModel.ValueChangeThreshold', 'ZenPacks.community.deviceAdvDetail.thresholds.StatusThreshold']
2019-01-15 14:00:16,297 DEBUG zen.ZenModeler: Fetching default RRDCreateCommand...
2019-01-15 14:00:16,301 DEBUG zen.ZenModeler: Getting collector thresholds...
2019-01-15 14:00:16,337 DEBUG zen.thresholds: Updating threshold ('high event queue', ('localhost collector', ''))
2019-01-15 14:00:16,337 DEBUG zen.thresholds: Updating threshold ('zenmodeler cycle time', ('localhost collector', ''))
2019-01-15 14:00:16,337 DEBUG zen.ZenModeler: Getting collector plugins for each DeviceClass
2019-01-15 14:00:16,364 DEBUG zen.ZenModeler: Starting collector loop...
2019-01-15 14:00:16,364 INFO zen.ZenModeler: Collecting for device 192.168.50.14
2019-01-15 14:00:16,450 INFO zen.ZenModeler: skipping WMI-based collection, PySamba zenpack not installed
2019-01-15 14:00:16,453 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 14:00:16,453 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 14:00:16,453 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 14:00:16,454 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 14:00:16,454 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 14:00:16,454 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 14:00:16,454 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 14:00:16,455 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 14:00:16,455 DEBUG zen.ZenModeler: Using zenoss.winrm.FileSystems on 192.168.50.14 because of --collect flag
2019-01-15 14:00:16,457 INFO zen.ZenModeler: Python collection device 192.168.50.14
2019-01-15 14:00:16,457 INFO zen.ZenModeler: plugins: zenoss.winrm.FileSystems
2019-01-15 14:00:16,457 DEBUG zen.PythonClient: Running collection for plugin zenoss.winrm.FileSystems
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 14:00:16,460 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 14:00:16,461 INFO zen.ZenModeler: No command plugins found for 192.168.50.14
2019-01-15 14:00:16,461 INFO zen.ZenModeler: SNMP monitoring off for 192.168.50.14
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.OperatingSystem
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.CPUs
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.FileSystems
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Interfaces
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Services
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Processes
2019-01-15 14:00:16,461 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.Software
2019-01-15 14:00:16,462 DEBUG zen.ZenModeler: Loaded plugin zenoss.winrm.HardDisks
2019-01-15 14:00:16,462 INFO zen.ZenModeler: No portscan plugins found for 192.168.50.14
2019-01-15 14:00:16,462 DEBUG zen.ZenModeler: Running 1 clients
2019-01-15 14:00:16,462 DEBUG zen.ZenModeler: Collection slots filled
2019-01-15 14:00:16,463 DEBUG zen.ZenModeler: Running 1 clients
2019-01-15 14:00:16,484 DEBUG zen.MicrosoftWindows: Sending event: Collection completed for 192.168.50.14
2019-01-15 14:00:16,484 DEBUG zen.ZenModeler: Queued event (total of 1) {'rcvtime': 1547586016.484874, 'eventClassKey': 'ConnectionError', 'agent': 'zenmodeler', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Winrm', 'message': 'Collection completed for 192.168.50.14', 'severity': 0, 'monitor': 'localhost', 'summary': 'Modeler plugin zenoss.winrm.FileSystems successful.', 'eventKey': 'WinRMPlugin|192.168.50.14'}
2019-01-15 14:00:16,485 DEBUG zen.MicrosoftWindows: Sending event: Collection completed for 192.168.50.14
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Queued event (total of 2) {'rcvtime': 1547586016.485123, 'eventClassKey': 'ConnectionError', 'agent': 'zenmodeler', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.14', 'eventClass': '/Status/Kerberos', 'message': 'Collection completed for 192.168.50.14', 'severity': 0, 'monitor': 'localhost', 'summary': 'Modeler plugin zenoss.winrm.FileSystems successful.', 'eventKey': 'WinRMPlugin|192.168.50.14'}
2019-01-15 14:00:16,485 DEBUG zen.PythonClient: Results for zenoss.winrm.FileSystems: {}
2019-01-15 14:00:16,485 INFO zen.PythonClient: Python client finished collection for 192.168.50.14
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Client for 192.168.50.14 finished collecting
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Processing data for device 192.168.50.14
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Processing plugin zenoss.winrm.FileSystems on device 192.168.50.14 ...
2019-01-15 14:00:16,485 WARNING zen.ZenModeler: The plugin zenoss.winrm.FileSystems returned no results.
2019-01-15 14:00:16,485 INFO zen.ZenModeler: No change in configuration detected
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Client 192.168.50.14 finished
2019-01-15 14:00:16,485 DEBUG zen.ZenModeler: Running 0 clients
2019-01-15 14:00:16,485 INFO zen.ZenModeler: Scan time: 0.12 seconds
2019-01-15 14:00:16,486 DEBUG zen.thresholds: Checking value 0.121944904327 on Daemons/localhost/zenmodeler_cycleTime
2019-01-15 14:00:16,486 DEBUG zen.MinMaxCheck: Checking zenmodeler_cycleTime 0.121944904327 against min None and max 34560.0
2019-01-15 14:00:16,487 DEBUG zen.ZenModeler: Queued event (total of 3) {'zenoss.device.url': 'zport/dmd/Monitors/Performance/localhost/viewDaemonPerformance', 'zenoss.device.path': 'Monitors/Performance/localhost', 'severity': 0, 'min': None, 'max': 34560.0, 'component': '', 'agent': 'zenmodeler', 'summary': 'threshold of zenmodeler cycle time restored: current value 0.121945', 'current': 0.12194490432739258, 'manager': 'zenosscore.CC.local', 'eventKey': 'zenmodeler cycle time', 'rcvtime': 1547586016.48734, 'device': 'localhost collector', 'eventClass': '/Perf', 'monitor': 'localhost'}
2019-01-15 14:00:16,487 DEBUG zen.collector.scheduler: In shutdown stage before
2019-01-15 14:00:16,488 DEBUG zen.ZenModeler: Tried to stop reactor that was stopped
2019-01-15 14:00:16,488 INFO zen.ZenModeler: Daemon ZenModeler shutting down
2019-01-15 14:00:16,488 DEBUG zen.ZenModeler: Sending 3 events, 0 perf events, 0 heartbeats
2019-01-15 14:00:16,501 DEBUG zen.ZenModeler: Removing service EventService
2019-01-15 14:00:16,501 DEBUG zen.ZenModeler: Removing service ModelerService
2019-01-15 14:00:16,501 DEBUG zen.pbclientfactory: Lost connection to ::1:8789 - [Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.ConnectionLost'>: Connection to the other side was lost in a non-clean fashion: Connection lost.
]
2019-01-15 14:00:16,502 DEBUG zen.collector.scheduler: In shutdown stage during
2019-01-15 14:00:16,502 DEBUG zen.collector.scheduler: In shutdown stage after

------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-15 17:26

If I add the user to the local administrators group on the 2016 server I get the components. I'm confused though, as this user has the proper access to parse these components on the 2008 boxes. I'm using the zenoss-lpu.ps1 script, same that is being applied to 2008.

The only thing I can see is it being is https://github.com/zenoss/microsoft.tools

"This script is known to work for Windows 2008 and 2012 member servers".

So....no one is monitoring 2016 here at all?




------------------------------
R S
------------------------------
Subject: RE: 6.1.2 Installation
Author: Jane Curry
Posted: 2019-01-15 18:05

So there is a line in your modeler output saying:

2019-01-15 14:00:16,485 WARNING zen.ZenModeler: The plugin zenoss.winrm.FileSystems returned no results.

I am suspecting that maybe the WinRm groups may have changed subtly in 2016??  Do you have another way to walk the queries for filesystems with WinRm and compare the query and the output between 2012 and 2016?

Zenoss ships a winrs command that you might try - here is one I have used in the past:

winrs single -u <user@domain> -a kerberos -r <remote> -i <dc ip>  -x "powershell -command \"get-counter '\\logicaldisk(c:)\\% Disk Read Time'\" "

Cheers,
Jane

------------------------------
Jane Curry
Skills 1st United Kingdom
jane.curry@skills-1st.co.uk
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-17 09:49

Using your command against the 2016 server shows me this

{'exit_code': 0,
'stderr': [],
'stdout': [u'Timestamp CounterSamples',
u'--------- --------------',
u'01/17/2019 7:44:33 AM \\\\davinci\\logicaldisk(c:)\\% disk read time :',
u'0']}


Against a 2008r2 shows me this

{'exit_code': 0,
'stderr': [],
'stdout': [u'Timestamp CounterSamples',
u'--------- --------------',
u'1/17/2019 7:43:56 AM \\\\gateway\\logicaldisk(c:)\\% disk read time :',
u'0']}

Same results. What I have noticed is that if I spin up my previous Zenoss with the Windows zenpack 2.6.12 the modeler logs also show Modeler plugin zenoss.winrm.HardDisks returned no results. However that doesn't seem to generate an event. 

One the latest Zenpack, I now see Modeler plugin zenoss.winrm.HardDisks returned no results as an event. Only for 2008r2, and within a 24 hours period this event will clear itself and come back sometimes 2-3 times.


------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: R S
Posted: 2019-01-17 11:46

When modeling 2008 here's a snipet from the zenmodelerout file

2019-01-17 08:55:07,663 ERROR zen.PythonClient: Error on 192.168.50.10: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.
2019-01-17 08:55:07,663 DEBUG zen.MicrosoftWindows: Sending event: Error on 192.168.50.10: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.
2019-01-17 08:55:07,663 DEBUG zen.ZenModeler: Queued event (total of 1) {'rcvtime': 1547740507.663216, 'eventClassKey': 'ConnectionError', 'agent': 'zenmodeler', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.10', 'eventClass': '/Status/Winrm', 'message': 'Error on 192.168.50.10: No results returned for zenoss.winrm.HardDisks. Check WinRM server configuration and z properties.', 'severity': 4, 'monitor': 'localhost', 'summary': 'Modeler plugin zenoss.winrm.HardDisks returned no results.', 'eventKey': 'WinRMPlugin|192.168.50.10'}
2019-01-17 08:55:08,266 DEBUG zen.MicrosoftWindows: Sending event: Collection completed for 192.168.50.10
2019-01-17 08:55:08,266 DEBUG zen.ZenModeler: Queued event (total of 2) {'rcvtime': 1547740508.266792, 'eventClassKey': 'ConnectionError', 'agent': 'zenmodeler', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.10', 'eventClass': '/Status/Winrm', 'message': 'Collection completed for 192.168.50.10', 'severity': 0, 'monitor': 'localhost', 'summary': 'Modeler plugin zenoss.winrm.HardDisks successful.', 'eventKey': 'WinRMPlugin|192.168.50.10'}
2019-01-17 08:55:08,266 DEBUG zen.MicrosoftWindows: Sending event: Collection completed for 192.168.50.10
2019-01-17 08:55:08,267 DEBUG zen.ZenModeler: Queued event (total of 3) {'rcvtime': 1547740508.267051, 'eventClassKey': 'ConnectionError', 'agent': 'zenmodeler', 'manager': 'zenosscore.CC.local', 'device': '192.168.50.10', 'eventClass': '/Status/Kerberos', 'message': 'Collection completed for 192.168.50.10', 'severity': 0, 'monitor': 'localhost', 'summary': 'Modeler plugin zenoss.winrm.HardDisks successful.', 'eventKey': 'WinRMPlugin|192.168.50.10'}
2019-01-17 08:55:08,267 DEBUG zen.PythonClient: Results for zenoss.winrm.HardDisks: {'signature_uniqueid': {'exit_code': 0,
'stderr': [u"The term 'Get-Disk' is not recognized as the name of a cmdlet, function, script",
u'file, or operable program. Check the spelling of the name, or if a path was in',
u'cluded, verify that the path is correct and try again.',
u'At line:1 char:12',
u"+ & {Get-Disk <<<< | ForEach-Object {$_.Signature, '=', $_.UniqueId, '|'};}",
u'+ CategoryInfo : ObjectNotFound: (Get-Disk:String) [], CommandNot',
u'FoundException',
u'+ FullyQualifiedErrorId : CommandNotFoundException'],
'stdout': []}}


The powershell command "Get-Disk" doesn't work in 2008.This is normal behavior, so I guess what's changed from my previous zenpack to this one.

------------------------------
R S
------------------------------

Subject: RE: 6.1.2 Installation
Author: Johnathan Huettner
Posted: 2019-02-14 18:53

Serge,

   I tried using your ansible tool but it's not working for me.  New Centos 7 VM.  Git cloned to /root/anisble-serviced-zenoss.  Installed ansible.  hosts file reads:
[docker]
vmzenoss01   lvm_dev=/dev/centos
... rest of the file is left as-is

   When I run ./setup I get an error under TASK [Gathering Facts]
fatal: [vmzenoss01]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Permission denied (publickey, gssapi-keyex, gssapi-with-mic,password).", "unreachable": true.

   I edited /etc/ansible/hosts and put my hostname in there just to see if that's the problem, but the error still occurs.  Any ideas?

Subject: RE: 6.1.2 Installation
Author: Johnathan Huettner
Posted: 2019-02-15 11:39

I found the solution to my problem.  I'm not familiar with anisble, and it wasn't setup correctly.  You don't need to just install it, you need to configure it as well, before you'll be able to run the ansible-serviced-zenoss installation script.  In my case, I needed to edit /etc/ansible/hosts, and set the ansible_ssh_pass and ansible_ssh_user before it would work correctly.
   Example /etc/anisble/hosts:

myservername ansible_ssh_pass=<root password> ansible_ssh_user=root

   Then you can run ansible all -m ping to test ansible before running the ./setup script.  I would suggest adding this to your instructions for those of us who are less experienced :-)

------------------------------
Johnathan Huettner
------------------------------


< Previous
docker image cleanup before upgrade 		  Next
Adding a host via VirtualBox 		>