To enable monitoring logs in a Windows environment, select the relevant policy and
assign specific check parameters to the policy. When log monitoring is enabled and a
specified string is discovered in the log being monitored, the system creates an
event.
Before you begin
Role required: agent_client_collector_admin
Procedure
- Navigate to .
- Select the Windows log monitoring policy.
- On the Check Instances tab, select os.windows.check-log to enable monitoring Windows log files.
- On the Check Parameters tab, specify the log parameters to be monitored by the check, as described in the following table:
Table 1. Check parameters
| Name | Value |
| warning | Number of times the specified pattern strings must be found in the log to generate a warning event. Default = 1. For example, if the pattern value is Exception and one Exception event is located in the log, a warning event is generated. |
| critical | Number of times the specified pattern strings must be found in the log to generate a critical event. Default = 2. For example, if the pattern value is Exception and two Exception events are located in the log, a critical event is generated. |
| file | Location of the log file. |
| pattern | Strings to search for in the log. Default values are Severe and Exception. Other possible values include 404 and Error. Separate multiple patterns with a pipe (|) and pass the whole value as a single parameter inside quotes. For example: "SEVERE|404". |
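The following dry run is an added example, not ServiceNow code and not the implementation of os.windows.check-log. It applies a pattern value and the warning and critical thresholds to a constructed sample log so that you can see which lines would count before you assign the parameters to a policy. It assumes that patterns are literal, case-insensitive substrings, that each matching line counts once, and that a threshold is reached when the count is at least the configured number; the function names and the sample log are hypothetical.

```python
import re

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = """\
2024-05-01 10:00:01 INFO  Service started
2024-05-01 10:00:07 SEVERE Database connection lost
2024-05-01 10:00:09 INFO  GET /missing.html status=404 bytes=512
2024-05-01 10:00:12 INFO  GET /index.html status=200 bytes=14045
2024-05-01 10:00:15 INFO  Service healthy
"""


def split_patterns(pattern):
    """Split the pipe-separated 'pattern' parameter into its strings."""
    return [p for p in pattern.split("|") if p]


def matching_lines(log_text, pattern):
    """Return the log lines that contain any of the pattern strings.

    Assumption: literal, case-insensitive substring matching.
    """
    parts = [re.escape(p) for p in split_patterns(pattern)]
    if not parts:
        return []
    rx = re.compile("|".join(parts), re.IGNORECASE)
    return [line for line in log_text.splitlines() if rx.search(line)]


def evaluate(log_text, pattern="Severe|Exception", warning=1, critical=2):
    """Map the match count to a state using the table's default thresholds.

    Assumption: a threshold is met when the count is >= its value.
    """
    hits = matching_lines(log_text, pattern)
    if len(hits) >= critical:
        state = "critical"
    elif len(hits) >= warning:
        state = "warning"
    else:
        state = "ok"
    return state, hits


if __name__ == "__main__":
    for pat in ("Severe|Exception", "SEVERE|404"):
        state, hits = evaluate(SAMPLE_LOG, pat)
        print(f"{pat!r}: {state} ({len(hits)} matching lines)")
        for line in hits:
            print("   ", line)
```

With "SEVERE|404", the line ending in bytes=14045 is counted under these assumptions because 404 occurs inside the byte count, which is the kind of over-match that short numeric patterns produce at low thresholds.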