

edgewatch Commands for Windows Event Monitoring

The edgewatch Windows event monitoring commands and associated arguments are as follows:

add index flags evLog evType "evSrc" "evDesc" "descr" "action"
setstatus index status
delete index
list

index

Specifies the row (index) of the monitor table to use for this entry. Each row in the table is uniquely identified by an index number. Rows 1 through 10 are reserved for internal use by the agent, so the index value must be greater than 10 and unique across the table.

flags

Specifies any additional behavioral instructions for this entry using a hexadecimal flags value (for example, 0x00000001).

evLog

Specifies the event log to monitor. This value can be one of the following:

evType

Specifies the event type to match for this entry. The following are valid types:

Entering 'all' indicates that all event types should match.

"evSrc"

Specifies the regular expression to use when scanning the Event Source attribute in each event.

"evDescr"

Specifies the regular expression to use when scanning the Event Description attribute in each event.

"descr"

Specifies an arbitrary description (0 to 512 characters in length) of the table entry.

"action"

Specifies a command (0 to 2048 characters in length), including the full path and any parameters, to run when the entry is matched and a trap is sent. If the string is empty, the agent performs no action for this entry.

Note: You can change the default settings for when the agent performs actions. For more information, see the chapter "Agent Configuration."
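
The following pre-flight check for the arguments of an add entry is an added example, not part of the product or its documentation. It applies only the constraints stated above (index greater than 10 and unique, hexadecimal flags, the descr and action length limits, a full path for the action command) and assumes Python's re module as a stand-in for the agent's regular expression engine; the function name check_add and all sample values are constructed.

```python
import re
import shlex
from pathlib import PureWindowsPath

MAX_DESCR, MAX_ACTION = 512, 2048  # length limits stated in the parameter descriptions

# Constructed sample: the arguments that follow "add" (log name and path are made up).
SAMPLE = r'11 0x00000001 Security all ".*" ".*fail.*" "Failed logon watch" "C:\scripts\notify.bat"'

def check_add(arg_line, used_indexes=()):
    """Lint the arguments that follow 'add'; return a list of problems (empty = OK)."""
    try:
        # posix=False keeps Windows backslashes intact; quotes are stripped by hand.
        args = [a.strip('"') for a in shlex.split(arg_line, posix=False)]
    except ValueError as exc:
        return [f"unbalanced quoting: {exc}"]
    if len(args) != 8:
        return [f"expected 8 arguments, got {len(args)}"]
    index, flags, ev_log, ev_type, ev_src, ev_desc, descr, action = args
    problems = []
    if not re.fullmatch(r"[0-9]+", index) or int(index) <= 10:
        problems.append("index must be greater than 10 (rows 1-10 are reserved)")
    elif int(index) in used_indexes:
        problems.append(f"index {index} is already in use")
    if not re.fullmatch(r"0[xX][0-9a-fA-F]+", flags):
        problems.append("flags must be hexadecimal, for example 0x00000001")
    for name, pattern in (("evSrc", ev_src), ("evDesc", ev_desc)):
        try:
            # Assumption: Python's re approximates the agent's regex dialect,
            # so this only catches gross syntax errors.
            re.compile(pattern)
        except re.error as exc:
            problems.append(f"{name} is not a valid regular expression: {exc}")
    if len(descr) > MAX_DESCR:
        problems.append(f"descr exceeds {MAX_DESCR} characters")
    if len(action) > MAX_ACTION:
        problems.append(f"action exceeds {MAX_ACTION} characters")
    elif action:
        # Assumption: the program path contains no spaces. A relative name
        # leaves the choice of binary to the agent's search path.
        if not PureWindowsPath(action.split()[0]).is_absolute():
            problems.append("action should name the command by its full path")
    return problems

if __name__ == "__main__":
    print(check_add(SAMPLE) or "OK")
```
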

status

Specifies the Status textual convention value to use when setting the status of a row in the NT Event Monitor table with the setstatus operation. Valid values are as follows, given either as the assigned integer or as the spelled-out status text: