The Windows Event Log can be monitored by PRTG (Event Log (Windows API) Sensor or WMI Event Log Sensor). You can filter either by including or excluding. That is OK. My customer would like to extend the sensor (or, if you want, have a new sensor). The extension makes it more granular.

This sensor would allow you to trigger an alarm when an entry occurs x times (value should be defined by the end user) over a certain amount of time (value should be defined by the user).

The background is that an event with a specific ID is only interesting when it occurs x times during a specific amount of time (say 100 seconds or 60 minutes). In case you have 15 events of ID 123 during 2 minutes, you would like the status to change. Especially events in the security log file need attention in these types of cases.

Please vote up if you have an application for this and see the benefits!

Thank you


Article Comments

Why don't you engage PowerShell or WMI here and write a script?

You can surely accomplish this - it's just not a standard on-board sensor that PRTG delivers.

Not sure if the Script-World or the PRTG-Tools family resources have something ready to go already, or at least close to what you want so you only need to do minimal adjustments.

Regards

Florian Rossmark

www.it-admins.com


Jan, 2019 - Permalink
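
A sketch of the script approach suggested above, as an added example that is not part of the original thread or of PRTG: it counts one event ID and reports the highest number of occurrences found inside any window of the given length, so a burst between two scans is not missed. The parameter names and defaults are hypothetical, and the `value:message` output line and exit codes assume the convention of PRTG's custom EXE/Script sensor.

```powershell
# Added example, not from the thread. Parameter names and defaults are assumptions.
param(
    [string]$LogName         = 'Security',
    [int]   $EventId         = 123,   # the placeholder ID used in the post
    [int]   $Threshold       = 15,    # "x" occurrences
    [int]   $WindowSeconds   = 120,   # time span the occurrences must fall into
    [int]   $LookbackSeconds = 600    # scan interval plus window, so bursts between scans are seen
)

$filter = @{
    LogName   = $LogName
    Id        = $EventId
    StartTime = (Get-Date).AddSeconds(-$LookbackSeconds)
}

try {
    # Oldest first, so the window below can slide forward in time.
    $times = @(Get-WinEvent -FilterHashtable $filter -ErrorAction Stop |
               ForEach-Object { $_.TimeCreated } | Sort-Object)
}
catch {
    # Get-WinEvent reports "no matching events" as an error; that is a count of zero here.
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') {
        $times = @()
    }
    else {
        Write-Output ('0:Event log query failed: {0}' -f $_.Exception.Message)
        exit 2
    }
}

# Sliding window: highest number of events inside any $WindowSeconds span.
$peak  = 0
$start = 0
for ($end = 0; $end -lt $times.Count; $end++) {
    while (($times[$end] - $times[$start]).TotalSeconds -gt $WindowSeconds) { $start++ }
    $peak = [Math]::Max($peak, $end - $start + 1)
}

$message = '{0}:Event {1} peaked at {0} occurrences per {2} s' -f $peak, $EventId, $WindowSeconds
Write-Output $message
# Assumed convention: exit code 0 = OK, non-zero = error state.
if ($peak -ge $Threshold) { exit 2 } else { exit 0 }
```

Reading the Security log requires an account with administrative rights or membership in the Event Log Readers group, so the account the script runs under needs one of those.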

I'll just leave this one here:
https://helpdesk.paessler.com/en/support/solutions/articles/76000065197-how-can-i-monitor-my-historic-windows-events

As discussed, it meets most of the requirements :)



Kind regards,
Stephan Linke, Tech Support Team


Feb, 2019 - Permalink