win32_2

1. init_config:
3.   ## @param tag_event_id - boolean - optional - default: false
4.   ## The `tag_event_id` setting adds an event id tag to each
5.   ## event sent from this check.
6.   #
7.   # tag_event_id: false
8.  
9.   ## @param default_event_priority - string - optional - default: normal
10.   ## Set priority level in event stream for all events created by integration
11.   ## Options available are 'low' or 'normal'.
12.   #
13.   # default_event_priority: normal
14.  
15. instances:
17.   -
18.  
19.     ## @param host - string - optional - default: localhost
20.     ## By default, the local machine's event logs are captured. To capture a remote
21.     ## machine's event logs, specify the machine name (DCOM has to be enabled on
22.     ## the remote machine).
23.     #
24.     # host: <REMOTE_HOSNAME>
25.  
26.     ## @param username - string - optional
27.     ## If authentication is needed, specify a `username` here.
28.     #
29.     # username: <USERNAME>
30.  
31.     ## @param password - string - optional
32.     ## If authentication is needed, specify a `password` here.
33.     #
34.     # password: <PASSWORD>
35.  
36.     ## @param event_priority - string - optional - default: normal
37.     ## Override default event priority by setting it per instance
38.     ## Available values are: `normal` and `low`
39.     #
40.     # event_priority: normal
41.  
42.     ## FILTERS
43.     ## At least one filter is required:
44.     ## `log_file`, `source_name`, `type`, `event_id`, `message_filters`
45.  
46.     ## @param log_file - list of strings - optional
47.     ## The `log_file` filter instructs the check to only capture events
48.     ## that belong to one of the specified LogFiles (Application, System, Setup, Security,
49.     ## or application-specific LogFile).
50.     #
51.     log_file:
52.     - Application
53.      - Setup
54.     type:
55.     - Warning
56.  
57.     ## @param source_name - list of strings - optional
58.     ## The `source_name` filter instructs the check to only capture events
59.     ## that come from one of the specified SourceNames.
60.     #
61.     #source_name:
62.     #  - asus
63.  
64.     ## @param type - list of strings - optional - default: information
65.     ## The `type` filter instructs the check to only capture events
66.     ## that have one of the specified Types.
67.     ## Standard values are: Critical, Error, Warning, Information, Audit Success, Audit Failure.
68.     #
69.     #type:
70.     #  - information
71.  
72.     ## @param event_id - list of strings - optional
73.     ## The `event_id` filter i5nstructs the check to only capture events
74.     ## that have one of the specified EventCodes.
75.     ## The event ID can be found through http://www.eventid.net/ and viewed in the
76.     ## Windows Event Viewer.
77.     #
78.     # event_id:
79.     #   - <EVENT_ID>
80.  
81.     ## @param message_filters - list of strings - optional
82.     ## The `message_filters` filter instructs the check to only capture
83.     ## events which Message field matches all of the specified filters.
84.     ## Use % as a wildcard. See http://msdn.microsoft.com/en-us/library/aa392263(v=vs.85).aspx
85.     ## for more on the format for LIKE queries.
86.     ##
87.     ## NOTE: Any filter that starts with "-" is NOT a query, e.g.: '-%success%'
88.     ## searches for events without 'success' in the message.
89.     #
90.     message_filters:
91.      - '-%test101%'
92.  
93.     ## @param event_format - list of strings - optional - default: Message
94.     ## The `event_format` parameter instructs the check to generate
95.     ## Datadog's event bodies with the specified list of event properties.
96.     ## If unspecified, the EventLog's `Message` or `InsertionStrings` are used by default.
97.     ## Available values are: Logfile, SourceName, EventCode, Message, InsertionStrings, TimeGenerated, Type
98.     #
99.     # event_format:
100.     #   - Message
101.  
102.     ## @param tags - list of key:value elements - optional
103.     ## List of tags to attach to every metric, event, and service check emitted by this Integration.
104.     ##
105.     ## Learn more about tagging: https://docs.datadoghq.com/tagging/
106.     #
107.     #tags:
108.     #  - customTag:esp
109.     #   - <KEY_2>:<VALUE_2>
110.  
111. ## Log Section (Available for Agent >=6.0)
112. ##
113. ## type - mandatory - Type of log input source (tcp / udp / file / windows_event)
114. ## port / path / channel_path - mandatory - Set port if type is tcp or udp. Set path if type is file and channel_path if windows_event
115. ## service - mandatory - Name of the service owning the log
116. ## source  - mandatory - Attribute that defines which integration is sending the logs
117. ## tags: - optional - Add tags to each logs collected
118. ##
119. ## Discover Datadog log collection: https://docs.datadoghq.com/logs/log_collection/
120. #
121. logs:
122.   - type: windows_event
123.     channel_path: Application
124.     source: Application
125.     service: myapp
126.     log_processing_rules:
127.     - type: exclude_at_match
128.       name: exclude_lol
129.       pattern: "\\Q Could not write logs to 'C:\\Program Files\\OutSystems\\Platform Server\\logs\\OsISAPI.log’. Please make sure IIS has write access to this folder. \\E"
130. #
131. #   - type: windows_event
132. #     channel_path: <CHANNEL_2>
133. #     source: <CHANNEL_2>
134. #     service: <SERVICE_NAME>
135.