Solutions

Event log sensor..

Modified on 2025-06-10 14:47:01 +0200

I tried creating an event log sensor to monitor DHCP logs(event logs) from my server and it was successfully connected but when I checked whether it synched or not, I just found out that it wasn't synching..

This is what i done:

match string (event message) = Scope, %, is % percent full with only % IP addressess remaining.

in another sensor i did

Filter by source = DHCP-Server

on another

Filter by ID = 1020

Have i done something wrong?

Article Comments

Hello,

have you tried using only one Filter if that work? Or maybe start with the Sensor without any Filters, does it pick up Events then? Which Eventlog Sensor are you using? The WMI Eventlog Sensor or the Windows API Eventlog Sensor?

best regards.

Jul, 2012 - Permalink

I created 3 different WMI Eventlog sensors where in i used the data above.

EX:

Sensor 1 - match string (event message) = Scope, %, is % percent full with only % IP addressess remaining.

Sensor 2 - Filter by source = DHCP-Server

Sensor 3 - Filter by ID = 1020

So far i found out only sensor 3 has recieved the data. I'm just wondering how can i make sensor 1 work? Since i need to filter it by the event message or can you provide me with a sample string that I can base on? Thanks in advance.

Jul, 2012 - Permalink

Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.

Event log sensor..

Article Comments

Search

Attention

Related Articles