The EVENTLOG statement specifies the name of a Windows event log to monitor.
Supported Job Type
This statement is required for the Windows Event Log Monitoring job type.
Syntax
This statement has the following format:
EVENTLOG log_name [CONTINUOUS(alertid)]
Specifies the name of the event log.
Limits: Up to 256 characters; case-sensitive
(Optional) Specifies the identifier of an alert to be triggered when the specified event log monitoring conditions occur. Defines the job as continuous. To end continuous monitoring, you must complete the job manually or cancel it. If you do not specify this operand, the job completes when the specified event log monitoring conditions occur.
Specifies the alert identifier to be triggered.
Limits: 1-8 alphanumeric characters; the first character must be alphabetic
Note: The alert must have been previously defined to the scheduling manager. Not all scheduling managers support the CONTINUOUS operand.
Note: LOGNAME is an alias of EVENTLOG.
Example: Monitor a Windows Event Log named System
This example monitors a system event log for an event type of WARN, event source of MrxSmb, and event category of None:
AGENT WINAGENT EVENTLOG System EVENTTYPE WARN EVENTSOURCE MrxSmb EVENTCATEGORY None
Example: Continuously Monitor an Application Event Log
This example continuously monitors an application event log. An alert named ELOG is triggered for all instances of the INFO event type, where the event source is LLDSAPNT223, the event description contains the word started, and the event ID is less than or equal to 4000.
AGENT WINAGENT EVENTLOG Application CONTINUOUS(ELOG) EVENTTYPE INFO EVENTCATEGORY None EVENTSOURCE LLDSAPNT223 EVENTDESCRIPTION started EVENTID LE 4000
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|