eddie_mateus

yaml_win32_event_log

Apr 25th, 2016
init_config:
  # The (optional) tag_event_id setting will add an event id tag to each
  # event sent from this check. Defaults to false.
  # tag_event_id: false

instances:
  # Each Event Log instance lets you define the type of events you want to
  # match and how to tag those events.

  # -
  # By default, the local machine's event logs are captured. To capture a remote
  # machine's event logs, specify the machine name (DCOM has to be enabled on
  # the remote machine). If authentication is needed, specify a username and a
  # password.
  #   host: remote_machine_name
  #   username: user
  #   password: pass

  # The (optional) log_file filter will instruct the check to only capture events
  # that belong to one of the specified LogFiles (Application, System, Setup, Security,
  # or application-specific LogFile).
  - log_file: Application
    type: Information
    # tags: information

    # The (optional) source_name filter will instruct the check to only capture events
    # that come from one of the specified SourceNames.
    # source_name:
    #   - Microsoft-Windows-Security-Auditing

    # The (optional) type filter will instruct the check to only capture events
    # that have one of the specified Types.
    # Standard values are: Critical, Error, Warning, Information, Audit Success, Audit Failure.
    # type:
    #   - Audit Failure

    # The (optional) event_id filter will instruct the check to only capture events
    # that have one of the specified EventCodes.
    # The event ID can be found through http://www.eventid.net/ and viewed in the
    # Windows Event Viewer.
    # event_id:
    #   - 4776
    #   - 4672

    # The (optional) message_filters filter will instruct the check to only capture
    # events whose Message field matches all of the specified filters.
    # Use % as a wildcard. See http://msdn.microsoft.com/en-us/library/aa392263(v=vs.85).aspx
    # for more on the format for LIKE queries.
    # NOTE: Any filter that starts with "-" will be a NOT query, e.g.: '-%success%'
    # will search for events without 'success' in the message.
    # message_filters:
    #   - "-%success%"
    #   - "%SYSTEM%"

    # The (optional) tags parameter will instruct the check to tag the captured
    # events with the specified tags.
    # tags:
    #   - security


  # Here are a couple of basic examples:

  # The following instance will capture errors and warnings from SQL Server, which
  # puts all events under the MSSQLSERVER source, and tag them with #sqlserver.

  # - log_file:
  #     - Application
  #   source_name:
  #     - MSSQLSERVER
  #   type:
  #     - Warning
  #     - Error
  #   message_filters:
  #     - "%error%"
  #   tags:
  #     - sqlserver

  # This instance will capture all system errors and tag them with #system.

  # - log_file:
  #     - System
  #   type:
  #     - Error
  #   tags:
  #     - system
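
The message_filters and event_id semantics described in the comments above (every filter must match, % is a wildcard, a leading "-" negates), modelled as an added example that is not part of the original paste or of the check's own code. The function names and sample events are hypothetical; case-insensitive matching and the `_` single-character wildcard are assumptions taken from WQL LIKE behaviour, and bracket sets are not handled.

```python
import re

def like_to_regex(pattern):
    """Translate a LIKE pattern into a regex ('%' = any run, '_' = one char)."""
    parts = []
    for ch in pattern:
        if ch == "%":
            parts.append(".*")
        elif ch == "_":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    # Assumption: LIKE comparisons are case-insensitive.
    return re.compile("".join(parts), re.IGNORECASE | re.DOTALL)

def message_matches(message, message_filters):
    """True only if every filter holds; a leading '-' turns a filter into NOT LIKE."""
    for flt in message_filters:
        negate = flt.startswith("-")
        pattern = flt[1:] if negate else flt
        hit = like_to_regex(pattern).fullmatch(message) is not None
        if hit == negate:
            return False
    return True

def select_events(events, instance):
    """Apply an instance's event_id and message_filters to a list of event dicts."""
    ids = instance.get("event_id") or []
    filters = instance.get("message_filters") or []
    return [e for e in events
            if (not ids or e["EventCode"] in ids)
            and message_matches(e["Message"], filters)]

# Constructed sample events (not real log data).
SAMPLE_EVENTS = [
    {"EventCode": 4672, "Message": "Special privileges assigned to new logon. Account Name: SYSTEM"},
    {"EventCode": 4776, "Message": "Credential validation success for SYSTEM"},
    {"EventCode": 4776, "Message": "Credential validation failed for alice"},
    {"EventCode": 7036, "Message": "Service entered the running state (SYSTEM)"},
]

# Mirrors the commented-out event_id and message_filters values in the file above.
INSTANCE = {"event_id": [4776, 4672], "message_filters": ["-%success%", "%SYSTEM%"]}

if __name__ == "__main__":
    for ev in select_events(SAMPLE_EVENTS, INSTANCE):
        print(ev["EventCode"], ev["Message"])
```

Running the filters against sample messages before enabling them shows which events a negated filter such as "-%success%" would silently drop from collection.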