Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-21368

Item eventlog with preprocessing loses the attributes Local time, Source, Severity, and Event ID in latest data

XMLWordPrintable

    • Icon: Problem report Problem report
    • Resolution: Unresolved
    • Icon: Trivial Trivial
    • None
    • 6.0.6, 6.2.0
    • Server (S)
    • None

      Steps to reproduce:

      1. Create an eventlog item for Windows. Incoming events are correct for now in latest data.
      2. Add preprocessing to this item.
      $AUTH.LOG.ALLOW = '.+'    # Any
$AUTH.LOG.DENY  = '(?!)'  # Nothing

      Result:

      In latest data the attributes Local time, Source, Severity, and Event ID are empty. Although the content is not even changed or overwritten by the RegEx, instead it is only checked for validity. Nevertheless, this seems to have an impact on these additional attributes.


      Expected:
      The attributes Local time, Source, Severity, and Event ID should remain available despite preprocessing.

        1. image-2022-07-25-11-37-19-802.png
          image-2022-07-25-11-37-19-802.png
          18 kB
        2. image-2022-07-20-16-05-44-572.png
          image-2022-07-20-16-05-44-572.png
          11 kB
        3. image-2022-07-20-16-04-45-881.png
          image-2022-07-20-16-04-45-881.png
          25 kB
        4. image-2022-07-20-16-02-17-891.png
          image-2022-07-20-16-02-17-891.png
          13 kB

            zabbix.dev Zabbix Development Team
            Taikocuya Marcel Renner
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: