NSClient++, Nagios and Eventlog

Nagios reading Windows Event Log

The host configuration for the example looks like:

define service{
 use                     generic-service
 host_name               windows-host
 service_description     EventLog_YOURAPPLICATION
 check_command           check_windows_eventlog
}

In commands configuration (/etc/nagios/objects/commands.cfg)

# windows eventlog
define command{
 command_name  check_windows_eventlog
 command_line  /usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c CheckEventLog -a file=application MaxWarn=1 MaxCrit=2 filter+eventSource=YOURAPPLICATION  "filter=generated gt -10m" truncate=1000  "syntax=%generated%: (%count%)" unique
}

The really important time consuming issue was:

"filter=generated gt -10m"

Most site wrote something like:

"filter=generated > -10m"

Hint: the gt instead of >
But that did not work. Mainly the result was:

CHECK_NRPE: Received 0 bytes from daemon.  Check the remote server logs for error messages.