History
-------

This is built on the NTSyslog code (GPL), adding in the send_nsca code (GPL)
by Ethan Galstad. Then I added the filtering routines, and modified
send_nsca so that it would work as a library and also compile under Windows.

Installing:
-----------

set up the service
    nagevlog.exe -install
configure, and start service
    nagevlogctl.exe

Filters
-------

The system will never forward event log entries generated by itself (for
obvious reasons).

ONLY the first filter to match is used.

Each filter should specify a Nagios service description and a status level.

You obviously need to have the NSCA service installed on your Nagios server!
Don't forget to make sure the Encryption type and password configured on the
agent match those on the NSCA server.

You can set up a second Nagios NSCA server if you have a redundant
configuration.

The logging options allow you to generate EventLog entries for the various
agent actions.

The agent will initiate a separate connection to NSCA for each log entry to
be forwarded. This can be a bit heavy if you configure it to forward too many
logs! Try to be selective.

The Event ID filter is a comma separated list.

The Match String is NOT a regexp. If this string occurs ANYWHERE in the
message, then it will count as a match. It is case sensitive.

For all other string matches, case is sensitive, and trailing spaces count.

You should probably switch on the 'log NSCA messages' option at first to check
your filter config.

Nagios Config
-------------

Suggested Nagios services.cfg setup:

define service {
    service_description      Event Log
    host_name                %SHNAME%
    active_checks_enabled    1
    check_period             none
    passive_checks_enabled   1
    flap_detection_enabled   0
    notification_period      24x7
    max_check_attempts       1
    normal_check_interval    5
    notification_options     w,c,r
    check_freshness          1
    # 1800 sec = 30 min
    freshness_threshold      1800
    check_command            ok!No alerts in last 30 min
}
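
The matching rules from the Filters section (own events never forwarded, first match only, comma separated Event ID list, case-sensitive substring match) as an added example; this is not nagevlog's own code. The struct, the function names, the agent source name "nagevlog", the NULL-means-any convention and the sample filters are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical filter record; NULL in a field means "match anything" (assumed). */
struct filter {
    const char *source;    /* exact compare: case and trailing spaces count */
    const char *event_ids; /* comma separated list of event IDs */
    const char *match;     /* plain substring of the message, not a regexp */
    const char *service;   /* Nagios service description to report under */
    int status;            /* 0 = OK, 1 = WARNING, 2 = CRITICAL */
};

/* Return 1 if id appears in the comma separated list, else 0. */
static int id_in_list(const char *list, long id)
{
    for (const char *p = list; p; p = strchr(p, ',')) {
        if (*p == ',') p++;            /* step over the separator */
        char *end;
        if (strtol(p, &end, 10) == id && end != p) return 1;
    }
    return 0;
}

/* Index of the first matching filter, or -1 if the event is not forwarded.
 * self is the agent's own event source name (assumed way to spot its events). */
int first_match(const struct filter *f, size_t n, const char *self,
                const char *source, long id, const char *msg)
{
    if (strcmp(source, self) == 0) return -1; /* never forward own events */
    for (size_t i = 0; i < n; i++) {
        if (f[i].source && strcmp(f[i].source, source) != 0) continue;
        if (f[i].event_ids && !id_in_list(f[i].event_ids, id)) continue;
        if (f[i].match && !strstr(msg, f[i].match)) continue;
        return (int)i; /* first match only; later filters are ignored */
    }
    return -1;
}

/* Constructed sample filters, in evaluation order. */
static const struct filter FILTERS[] = {
    { "disk", "7,11,51", NULL, "Disk Errors", 2 },
    { NULL, NULL, "failed", "Event Log", 1 },
    { "EventLog", "6008", NULL, "Unexpected Shutdown", 2 },
};

int main(void)
{
    int i = first_match(FILTERS, 3, "nagevlog", "disk", 11, "I/O failed");
    printf("%s (status %d)\n", FILTERS[i].service, FILTERS[i].status);
}
```

Because only the first match is used, a broad filter placed early (such as the substring-only one here) hides every narrower filter after it, so order filters from most to least specific.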