what's the use case of global event handler in nagios and how can I configure it to send the information to my otherserver where I have to perform some action based on the information sent (like servicestate, service attempt etc.,)
Specifically, I just need a way to invoke a script, whenever any service goes off or any host dies irrespective of whatever it is
You define the event handler in the commands.cfg file in Nagios. Adding Nagios MACROS' as arguments to pass to the event handler. Then add the event handler to your default template (often generic-service), so that everything uses it. This is all explained in great detail in the Nagios Core documentation. Then the event handler script/program is ran AFTER each event.
Related
I want to register a callback so my code can receive and process all new event logs for Microsoft-Windows-WMI-Activity/Trace.
To clarify, the log path for Microsoft-Windows-WMI-Activity/Trace is %SystemRoot%\System32\Winevt\Logs\Microsoft-Windows-WMI-Activity%4Trace.etl, and in the Windows Event Viewer, these events can be found in the tree under Application and Services Logs > Microsoft > Windows > WMI-Activity > Trace.
I know EvtSubscribe() can be used to subscribe to events on channels, but I want to know if this function can also be used for subscribing to events on Microsoft-Windows-WMI-Activity/Trace.
I know for the ChannelPath parameter, it says on the function's docs page that
you cannot subscribe to Analytic or Debug channels
When I view the properties for Microsoft-Windows-WMI-Activity/Trace in Event Viewer, I see the log is of type Analytic, so it seems I cannot subscribe with this function:
My questions:
Can I use this function to subscribe to Microsoft-Windows-WMI-Activity/Trace?
If I cannot with this function, is there some other function in the Windows API that I can use instead that will allow me to subscribe?
As you can see in the article
you cannot subscribe to Analytic or Debug channels
EvtSubscribe() cannot subscribe to Microsoft-Windows-WMI-Activity/Trace.
Explained in the introduction to the Event Types
-Direct channel
You cannot subscribe to a direct channel, but you can query a direct
channel.
A direct channel is performance-oriented. Events are not processed in
any way by the eventing system. This allows the direct channel to
support high volumes of events.
Direct channels have the following types:
Analytic
Analytic events are published in high volume. They describe program
operation and indicate problems that cannot be handled by user
intervention.
At present, in the officially provided method, seems to only be viewable through the Event Viewer.
https://learn.microsoft.com/en-us/windows/win32/wmisdk/tracing-wmi-activity#obtaining-wmi-events-through-event-viewer
I am using nagios to monitor certain services. I want to trigger event when particular services goes in error state. Lets say disk space is full so send event(like RPC ) to particular service which will resolve this issue.How to configure nagios to send such event ?
In nagios, these are called event handlers. You define a command and tell the service to run that under the proper circumstances.
I currently have my application integrated with Hibernate. It saves/retrieves data from the database successfully. Next, I would like to configure ehcache such that my application does not have to hit the database every time.
That being said, I was wondering if there are any ehcache event handlers that would allow me to run some custom piece of code before (or after) a cache operation (i.e. put, remove, get, etc.)?
Also, when my application is about to save a DAO, my understanding is hibernate will push that to the database. What I would like to know whether the db operation will be performed before, during or after the event handler (above) is triggered?
Perhaps you could create a CacheEventListener which would allow you to receive notifications of put/update/remove events - and then you could perform some action accordingly. The notification occurs after the event has happened.
You configure a listener in the ehcache.xml file on a per-cache basis:
<cache ...>
<cacheEventListenerFactory class="your.listener.FactoryClass" />
...
</cache>
Where the cacheEventListenerFactory is a class that you create which in turn creates your listener. See the EHCache docs for more detailed info.
For integration of EHCache with Hibernate, you should look at the EhCacheRegionFactory. Again see the docs for step by step instructions of how this is set up.
the title is quite general but my doubt is specific.
I have doubt regarding where to write the service logic code (in service control handler or in ServiceMain),as in whatever the functionality the service would perform . Is it in ServiceMain ?
I have looked upon these topics on MSDN relate to service. But ,didn't help me
http://msdn.microsoft.com/en-us/library/ms687414%28VS.85%29.aspx
http://msdn.microsoft.com/en-us/library/ms685984%28v=vs.85%29.aspx
Basically, I want to start a socket listening on windows using a service. This listening socket logic code will be in service file because of I am going to use winexe utility to send this service from linux box to windows box. currently, winexe sends the winexesvc service file on windows. So, ultimately I am going to replace the existing winexesvc service so that it will perform listening on a particular port function when sent on windows. (Service skeleton would remain same but its task performing logic will change,right?). please tell if I am missing anything.
Thanks in advance.
Service control handler should only, well, handle control messages that are sent to the service (the ones shown in the examples you linked are SERVICE_CONTROL_STOP and SERVICE_CONTROL_INTERROGATE). These control messages are sent to the service from the environment.
The logic of your service should be implemented in the ServiceMain function, when all required initialization is done. In the example at the URL in your post, the service logic code is put into the SvcInit function (which is probably not the most appropriate name for a function that implements logic of a service).
I am using Service Broker external activation. I have created event notification for queue (QUEUE_ACTIVATION). Currently making a lots of tests and sometimes my queue gets deactivated.
After enabling queue Event notification does not work anymore and external activator does not start console app.
i found this, but that seems to be something else as "select * from sys.event_notifications" shows that there is already created event notification.
I do drop and create again the same event notification to make it work, but it seems to be wrong..
How can i detect automatically that event notification is not working?
You probably don't RECEIVE and commit the notification from the monitoring queue, causing the notification to go into NOTIFIED state but never transitioning to RECEIVES_OCCURING. See Understanding Queue Monitors.