I am having trouble to configure Windows Event Log Monitoring using nscp.exe. This will not take a -ve value.
Getting error (Invalid command line: unrecognised option ‘-1d’)
Getting error (Invalid command line: unrecognised option ‘-1h’)
Failed to process command : bad lexical cast: source type value could not be interpreted as target|
Expected Behavior
It should scan the log for last one day only and if any error is found it will report. If I use filter further like
'nscp.exe’ ‘client’ ‘–log’ ‘critical’ ‘–module’ ‘CheckEventlog’ ‘-a’ ‘filter=provider = ‘’’***App’’’ and id IN (’’‘20’’’)’ ‘-a’ ‘scan-range=-1hr’ ‘-b’ ‘-q’ ‘check_eventlog’.
Actual Behavior
C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range="
CRITICAL: 2 message(s) Application XYZApp (Test Event Log), Application XYZApp (Test Event Log)|'problem_count'=1;0;0
Till the time I do not mention the negative value of scan-range it is working. Below is example of Positive Value
C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range=1h"
CRITICAL: 3 message(s) Application XYZApp (XYZ Test Event for icinga testing), Application XYZApp (Test Event Log), Application XYZApp (Test Event Log)|'problem_count'=1;0;0
Now as soon as I mention -ve value as I am suppose to do it is failing
C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range=-1h"
Invalid command line: unrecognised option '-1h'
Issue and Steps to Reproduce
I am having trouble to configure Windows Event Log Monitoring using nscp.exe. This will not take a -ve value. Getting error (Invalid command line: unrecognised option ‘-1d’)
Getting error (Invalid command line: unrecognised option ‘-1h’) Failed to process command : bad lexical cast: source type value could not be interpreted as target|
Expected Behavior
It should scan the log for last one day only and if any error is found it will report. If I use filter further like 'nscp.exe’ ‘client’ ‘–log’ ‘critical’ ‘–module’ ‘CheckEventlog’ ‘-a’ ‘filter=provider = ‘’’***App’’’ and id IN (’’‘20’’’)’ ‘-a’ ‘scan-range=-1hr’ ‘-b’ ‘-q’ ‘check_eventlog’.
Actual Behavior
C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range=" CRITICAL: 2 message(s) Application XYZApp (Test Event Log), Application XYZApp (Test Event Log)|'problem_count'=1;0;0
Till the time I do not mention the negative value of scan-range it is working. Below is example of Positive Value
C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range=1h" CRITICAL: 3 message(s) Application XYZApp (XYZ Test Event for icinga testing), Application XYZApp (Test Event Log), Application XYZApp (Test Event Log)|'problem_count'=1;0;0
Now as soon as I mention -ve value as I am suppose to do it is failing C:\Program Files\NSClient++>nscp.exe client --log critical --module CheckEventlog -b -q check_eventlog -a "filter=provider='XYZApp' and id IN ('20')" -a "scan-range=-1h" Invalid command line: unrecognised option '-1h'
Details
nscp --version NSClient++, Version: 0.5.2.39 2018-02-04, Platform: x64
OS and Version: Windows Server 2016
Checking from: Icinga ...
Checking with: nscp-local, ...
Additional Details
; Undocumented key CheckEventLog = enabled
; Undocumented key CheckSystem = enabled
NSClient++ log: