Hello all, I started using PRTG a few weeks ago and liking it. I am setting up some sensors for Event Viewer IDs that I want to monitor and be alerted about. I am using the Win API event log as it seems to work better for me than the WMI. However, I cant seem to find any options to monitor the Windows firewall with advanced security for Windows 10. I want to monitor the following events • ID 2003: The firewall was activated for a profile. • ID 2004: A new rule was created. • ID 2005: A rule was modified. • ID 2006: A rule was deleted What am I missing?
Article Comments
Hello Happy,
Thanks for the KB post, the Event Log Sensor indeed doesn't monitor events in Windows firewall with advanced security.
As a workaround, you would need to write a script, for example in Powershell to query the event log and use our custom sensor.
For more information please check these links:
https://www.paessler.com/manuals/prtg/exe_script_sensor.htm https://www.paessler.com/manuals/prtg/exe_script_advanced_sensor.htm
You can check the expected syntax for both sensors insider your PRTG under 'Setup > PRTG API', please refer to the "Custom Sensors" tab.
You can see examples for custom sensors within PRTG's folder under: C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors
Thanks.
With kind regards,
Chan Siau Hen
Technical Support Team, Paessler AG
Feb, 2021 - Permalink
Hello Happy,
Thanks for the KB post, the Event Log Sensor indeed doesn't monitor events in Windows firewall with advanced security.
As a workaround, you would need to write a script, for example in Powershell to query the event log and use our custom sensor.
For more information please check these links:
https://www.paessler.com/manuals/prtg/exe_script_sensor.htm https://www.paessler.com/manuals/prtg/exe_script_advanced_sensor.htm
You can check the expected syntax for both sensors insider your PRTG under 'Setup > PRTG API', please refer to the "Custom Sensors" tab.
You can see examples for custom sensors within PRTG's folder under: C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors
Thanks.
With kind regards,
Chan Siau Hen
Technical Support Team, Paessler AG
Feb, 2021 - Permalink
Now i try with custom EXE/SCRIPT sensor and no luck... I use modpoll.exe program ( https://www.modbusdriver.com/modpoll.html ) I don't know how to program script to run a program and read values.
In windows cmd i use command:
modpoll.exe -c 1 -r 1 -f -t 3:float -p 4001 -m enc 192.168.5.87and I get the answer :This is Phase 1 VOLT
If i use
modpoll.exe -c 1 -r 1 -f -t 3:float -p 4001 -m enc 192.168.5.87and I get the answer :-- Polling slave... (Ctrl-C to stop) [7]: 5.705577This is Current of L1Now have problem with writing script in Windows PowerShell ISE....
Can someone can help me ?
Thank you!
Damjan
Feb, 2021 - Permalink