root@server1:/usr/local/icinga/libexec> ./check_wmi_eventid -H server02 -u administrator -p password -l "veeam\ backup" -e 250 -w 1 -c 3 -t1 -m1440 -d
( Logfile = "veeam" ) and Logfile = "backup" ) and ( eventcode = "250" ) and ( EventType = "1" ) and
/usr/local/bin/wmic --namespace root/cimv2 -U administrator%password //server02 '--delimiter="|"' 'Select EventCode,EventIdentifier,EventType,SourceName from Win32_NTLogEvent where ( Logfile = "veeam" ) and Logfile = "backup" ) and ( eventcode = "250" ) and ( EventType = "1" ) and TimeGenerated > "20141015090623.000000+120"'
WMIC ERROR : NTSTATUS: NT code 0x80041017 - NT code 0x80041017
IFS=', ' read -a WS_ARRAY <<< "$WS"
LOGFILE=$OPTARG
LOGFILE="$OPTARG"
read -a
# [ -z $TEST ] && echo "Leer" || echo "Nicht leer"
-bash: [: foo: binary operator expected
Nicht leer
#!/bin/bash
# ---------------------------------------------------------------------------
# Plugin state and defaults.
# ---------------------------------------------------------------------------
DEBUG=0
EXITCODE=0
EXITSTRING=''
LASTSTR=''
MARCOLIST='ITEMCOUNT,LASTSTR'
ERROR_EVENTTYPE=''

# Plugin exit codes.
E_SUCCESS=0
E_WARNING=1
E_CRITICAL=2
E_UNKNOWN=3

# Directory wmic output is written to.
# NOTE(review): /tmp is shared and world-writable; how the output files are
# named is not visible in this listing. If the names are predictable, create
# them with mktemp instead. Assigning TMPDIR here also replaces any TMPDIR
# value inherited from the environment.
TMPDIR=/tmp

# Path of the wmic client binary.
WMIC=/bin/wmic

# Custom exit texts, indexed by exit code. They can be supplied on the
# command line with -O, -W, -C and -U.
CUSTOM_EXIT_STR=(
  [$E_SUCCESS]=''
  [$E_WARNING]=''
  [$E_CRITICAL]=''
  [$E_UNKNOWN]=''
)

# Exit code -> status label.
E_STR=([0]='OK' [1]='WARNING' [2]='CRITICAL' [3]='UNKNOWN')

# Event type number -> human-readable name (index 0 is intentionally unused).
ETYPE=(
  [1]='Error'
  [2]='Warning'
  [3]='Information'
  [4]='Security Audit Success'
  [5]='Security Audit Failure'
)
# Parse the command line. Only -H, -u, -p and -l are handled in this listing;
# the other letters in the option string are accepted by getopts but have no
# case arm here.
#
# NOTE(review): a password given with -p is part of the process arguments and
# can be read by other local users (ps, /proc) and ends up in shell history.
# Reading it from a file or the environment avoids that exposure.
# NOTE(review): USER is also the conventional login-name environment
# variable; assigning it here replaces that value for the rest of the script.
while getopts "hH:u:p:l:t:e:s:Sw:c:m:W:C:O:U:dv" OPTION; do
  case "$OPTION" in
    H) HOST="$OPTARG" ;;
    u) USER="$OPTARG" ;;
    p) PASSWD="$OPTARG" ;;
    # Quoted so that a log name containing spaces is kept as one value.
    l) LOGFILE="$OPTARG" ;;
  esac
done
# Build one WQL condition group from a list of values and print it.
#
# Arguments:
#   $1 - list of values, split on commas and spaces
#   $2 - WQL field name to compare against
#   $3 - "like" for a substring match (field like "%value%"); anything else
#        produces an equality test (field = "value")
# Outputs:
#   The condition group followed by "and", or an empty line when $1 is empty.
# Globals written:
#   INDEX, WS_ARRAY, WS_ELEMENT
#
# NOTE(review): the values are placed between double quotes without any
# escaping, so a value containing a double quote changes the structure of
# the generated query.
WQL_Constructor() {
  local WS=$1 WS_FIELD=$2 WS_TYPE=$3

  if [[ -n "$WS" ]]; then
    local WS_WQL=" ( "
    INDEX=0
    IFS=', ' read -a WS_ARRAY <<< "$WS"
    # NOTE(review): the expansion below is unquoted, so an element that still
    # contains a space (for example after a backslash-escaped space survived
    # the read above) is split into several loop items. The loop then runs
    # more often than the array has elements and emits an unbalanced
    # ") and" for each extra item. Quoting it as "${WS_ARRAY[@]}" avoids this.
    for WS_ELEMENT in ${WS_ARRAY[@]}; do
      INDEX=$((INDEX + 1))
      case $WS_TYPE in
        like) WS_WQL+="${WS_FIELD} like \"%${WS_ELEMENT}%\"" ;;
        *) WS_WQL+="${WS_FIELD} = \"${WS_ELEMENT}\"" ;;
      esac
      # Join with "or" until the last array element, then close the group.
      if (( INDEX < ${#WS_ARRAY[@]} )); then
        WS_WQL+=" or "
      else
        WS_WQL+=" ) and "
      fi
    done
  fi

  # Deliberately unquoted: word splitting trims and collapses the whitespace.
  echo $WS_WQL
}
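# WHERE-clause fragment for the requested log file(s); the leading space
# separates it from the "where" keyword in the query below.
EXTRA_WQL=" $(WQL_Constructor "$LOGFILE" "Logfile" "")"

# Debug output. Quoted so the fragment is printed exactly as built and is
# never subject to pathname expansion.
printf '%s\n' "$EXTRA_WQL"

# Full event query. NOW is not set anywhere in this listing; it is expected
# to hold the WMI timestamp of the oldest event to include - TODO confirm.
WQL="Select EventCode,EventIdentifier,EventType,SourceName from Win32_NTLogEvent where ${EXTRA_WQL} TimeGenerated > \"${NOW}\""
##WQL='Select EventCode,EventIdentifier,EventType from Win32_NTLogEvent where logfile="'$LOGFILE'" and eventcode='$EVENTID' and TimeGenerated > "'$NOW'" '$EXTRA_WQL

# Debug output of the wmic command line. The password is masked: plugin
# output is stored and displayed by the monitoring system, so printing the
# credential would disclose it to everyone who can read check results.
# The query is quoted so it is shown exactly as it will be sent.
# NOTE(review): the actual wmic call is not part of this listing; if it
# passes "-U user%password" on the command line, the password is also
# visible in the process list while the check runs.
printf '%s\n' "$WMIC --namespace root/cimv2 -U $USER%******** //$HOST '--delimiter=\"|\"' '$WQL'"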
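#######################################
# Build one WQL condition group from a comma-separated list of values.
#
# Each value becomes one comparison on the given field; the comparisons are
# joined with "or", wrapped in parentheses and followed by "and" so the
# caller can append further conditions.
#
# Arguments:
#   $1 - comma-separated values; spaces inside a value are preserved
#   $2 - WQL field name (inserted as-is; must be a trusted literal)
#   $3 - "like" for a substring match (field like "%value%"); anything else
#        produces an equality test (field = "value")
# Outputs:
#   The condition group on stdout, or an empty line when there is no
#   non-empty value.
# Returns:
#   0
#######################################
WQL_Constructor() {
  local WS="$1"
  local WS_FIELD=$2
  local WS_TYPE=$3
  local WS_WQL=""
  local -a WS_ARRAY=() WS_CLAUSES=()
  local WS_ELEMENT WS_CLAUSE WS_JOINED=""

  if [ -n "$WS" ]; then
    # Split on commas only. read is used without -r on purpose so that a
    # backslash-escaped space or comma on the command line keeps working as
    # before (the backslash is consumed here).
    # shellcheck disable=SC2162
    IFS=',' read -a WS_ARRAY <<< "$WS"

    # Quoted expansion: values with spaces stay in one piece and are never
    # subject to pathname expansion, so no placeholder substitution is needed.
    for WS_ELEMENT in "${WS_ARRAY[@]}"; do
      # Skip empty values (e.g. "a,,b") instead of producing an unbalanced
      # or empty group.
      [ -n "$WS_ELEMENT" ] || continue

      # Escape backslash and double quote, the two characters that would
      # otherwise end or alter the quoted WQL string literal.
      # NOTE(review): the LIKE wildcards (% _ [) are passed through
      # unchanged, as before; confirm whether callers rely on them.
      WS_ELEMENT=$(printf '%s' "$WS_ELEMENT" | sed -e 's/[\\"]/\\&/g')

      if [[ $WS_TYPE == "like" ]]; then
        WS_CLAUSES+=("${WS_FIELD} like \"%${WS_ELEMENT}%\"")
      else
        WS_CLAUSES+=("${WS_FIELD} = \"${WS_ELEMENT}\"")
      fi
    done

    if (( ${#WS_CLAUSES[@]} > 0 )); then
      for WS_CLAUSE in "${WS_CLAUSES[@]}"; do
        WS_JOINED+="${WS_JOINED:+ or }${WS_CLAUSE}"
      done
      WS_WQL="( ${WS_JOINED} ) and"
    fi
  fi

  printf '%s\n' "$WS_WQL"
}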
( Logfile = "veeam backup" ) and ( eventcode = "250" ) and ( EventType = "1" ) and
WARNING 1 with Severity Level Error in veeam backup with in the last 1 Days,|eventid250=1;1;3;;
Long plugin output
( Logfile = "Veeam Backup" ) and ( eventcode = "190" ) and ( Message like "%SCH_14_Daily_2200_Win_Unix%" ) and ( EventType = "1" ) and
Critical, found 5 Backup failures in 1 Days