Windows Event Log Count-- updated on Sept 9, 2008 (SolarWinds)

Windows Event Log Script


The Windows Event Log script searches the Windows Event log on a computer for specific events that may have occured during a specified time frame, and reports the number of occurrences as an Orion APM statistic.

 

Arguments
[-computer computerName] [-area eventArea] [-type eventType] [-id eventID] [-source eventSource] [-exclusions findExclusionText] [-match findMatchText] [-timespan timeSpanMins] [-failmode failmodeType]

 

computerName

Name of the computer whose event logs you want to read. If not specified, the default value is localhost.

 

eventArea

Name of the Windows NT Event Log File:  Application, Security, or System.

 

eventType

Name of the event type: Error, Warning, Information, Success, or Failure.

 

eventID

Identifier of the event, specific to the source that generated the event log entry. Used together with the eventSource to uniquely identify a Windows NT event type. The default value is 0.

 

eventSource

Name of the source (application, service, driver, or subsystem) that generated the entry. Used together with eventID to uniquely identify a Windows NT event type.

 

findExclusionsText

A string of text which, if located by the script, prohibits that event from being counted towards the APM statistic.

 

findMatchText

A string of text which, if located by the script, counts towards the APM statistic.

 

timeSpanMins

The age, in minutes, of the oldest event that the script attempts to locate.

  

Example
These arguments returns the number of events in the localhost Application event log that have an ID of 1 and that have occured within the last 5 minutes. If any events are found, the component is put into a down state.

-computer localhost -area Application -id 1 -timespan 5

FormerMember
FormerMember