mickem / nscp

NSClient++
http://nsclient.org
GNU General Public License v2.0

NSClient Eventlog Exceptions #714

Closed BastianBoukerma closed 3 years ago

BastianBoukerma commented 3 years ago

Issue and Steps to Reproduce

Describe your issue and tell us how to reproduce it.

In my company we used NSClient version 0.4.3. Now I want to update the NSClient version on all Windows servers to 0.5.2.
We have Windows Server 2012 R2, 2016 and 2019 in progress. In the NSClient.ini we have defined exceptions for the event log check as follows:

CheckEventLog file=system file=application file=security MaxWarn=1 MaxCrit=1 unique "syntax=[%source% %severity% %id%] %message%" "filter=generated gt -24h AND severity IN ('critical', 'error', 'warning') AND NOT (source='Crystal Reports' AND id=4353) AND NOT (source IN ('TerminalServices-Printers','Microsoft-Windows-TerminalServices-Printers') AND id IN (1108,1111))

In the old version this was not a problem and everything worked. I have taken over the existing NSClient.ini in the new version. All checks work except for the event logs. In the new version I get an error on the local device when running the nscp test -> local event log check:

eventlog Invalid types in binary operator, Failed to convert: critical, error, warning, could not convert to string from (i){-24}, (s){h}: 02:26 > convert(0) and 4 in convert(2) and ? ( Service Control Manager = Crystal Reports and 7036 = 4353 )  and ? ( Service Control Manager in TerminalServices-Printers, Microsoft-Windows-TerminalServices-Printers and 7036 in 1108, 1111)

I think the problem is the NOT. The error message has question marks where there is a NOT.
I can't find out whether the syntax has changed in the new version, and if so, how?

I would be very grateful if you could help me with this tiresome topic.

Expected Behavior

Look up to issue

Actual Behavior

Look up to issue

Details

Additional Details

NSClient++ log:

Look up to issue