![]() |
![]() |
Subject: | Windows Event Log collection |
Author: | [Not Specified] |
Posted: | 2015-04-27 13:31 |
How do I collect all warning and errors
I've just installed latest Zenoss 4 & ZenPack 2.4.1 & Python.
Created a Windows_Event template, selected Warning level, and molded to a Windows Server. Reconfigured WinRM on server. According to the following site, all i need to do is to put in following query but it's grabbing error, informational, and warning events.
{ $$_.Level -le [System.Diagnostics.Eventing.Reader.StandardEventLevel]::Warning }
https://support.zenoss.com/hc/en-us/articles/203241949-How-to-Capture-Wi...
Not sure if it's grabbing extended Log in the eventlog but it's not being caught. Such as "MSExchange Management"
To remove Information, can we do something with proper syntax like
* AND { $$_.Level -ne [System.Diagnostics.Eventing.Reader.StandardEventLevel]::Information}
< |
Previous SNMP Hex String - Not a string really? |
Next zenrestore not working ZenOSS 4.2.3 |
> |