The Windows Event Log script searches the Windows Event log on a computer for specific events that may have occured during a specified time frame, and reports the number of occurrences as an Orion APM statistic.
[-computer computerName] [-area eventArea] [-type eventType] [-id eventID] [-source eventSource] [-exclusions findExclusionText] [-match findMatchText] [-timespan timeSpanMins] [-failmode failmodeType]
Name of the computer whose event logs you want to read. If not specified, the default value is localhost.
Name of the Windows NT Event Log File: Application, Security, or System.
Name of the event type: Error, Warning, Information, Success, or Failure.
Identifier of the event, specific to the source that generated the event log entry. Used together with the eventSource to uniquely identify a Windows NT event type. The default value is 0.
Name of the source (application, service, driver, or subsystem) that generated the entry. Used together with eventID to uniquely identify a Windows NT event type.
A string of text which, if located by the script, prohibits that event from being counted towards the APM statistic.
A string of text which, if located by the script, counts towards the APM statistic.
The age, in minutes, of the oldest event that the script attempts to locate.
These arguments returns the number of events in the localhost Application event log that have an ID of 1 and that have occured within the last 5 minutes. If any events are found, the component is put into a down state.
-computer localhost -area Application -id 1 -timespan 5