Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-5646

Critical level in Windows 2008 eventlog processed incorrectly as Information level

    Details

    • Type: Incident report
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Agent (G)
    • Environment:
      Windows 2008 and 2008r2

      Description

      Microsoft introduced the "critical" log level in the event viewer in windows.
      At the moment the windows agent only has the following levels (copied from active.c):

      case EVENTLOG_SUCCESS:
      case EVENTLOG_INFORMATION_TYPE:
      severity = 1;
      zbx_snprintf(str_severity, sizeof(str_severity), INFORMATION_TYPE);
      break;
      case EVENTLOG_WARNING_TYPE:
      severity = 2;
      zbx_snprintf(str_severity, sizeof(str_severity), WARNING_TYPE);
      break;
      case EVENTLOG_ERROR_TYPE:
      severity = 4;
      zbx_snprintf(str_severity, sizeof(str_severity), ERROR_TYPE);
      break;
      case EVENTLOG_AUDIT_FAILURE:
      severity = 7;
      zbx_snprintf(str_severity, sizeof(str_severity), AUDIT_FAILURE);
      break;
      case EVENTLOG_AUDIT_SUCCESS:
      severity = 8;
      zbx_snprintf(str_severity, sizeof(str_severity), AUDIT_SUCCESS);
      break;

      Critical events are very important events to monitor to prevent disaster.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                rboersma Ruud Boersma
              • Votes:
                5 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: