samba - May 2004 - Gathering EventLog Information from a remote server or workstation

Hi everyone,

I've recently begun looking into ways of automating the monitoring of all my
servers.  Whilst most of the Linux/BSD stuff is sorted, I am having more
difficulties gathing the details of the Windows Boxes.

The main source of problems is how to retrieve the event log details from a
remote machine.  During my research I came across some old mailling list
articules in 1999 regarding 'rpcclient' and a command that was looking
to get
implented onto that for eventvwr.  Does anyone know if this work is still going
on?

If rpcclient eventvwr support is no longer planned, can anyone make any
suggestions of how to get the information using Linux/BSD tools.  I have found a
few tutorials on how to get the information using Perl, but these are when also
running Perl from a win32 operating system, I would like to monitor as much as
possible from the Linux boxes (currently using a mixture of SNMP tools, MRTG
&
Nagios).

Thanks in advance for any assistance offered.

Lee.

Lee W wrote:
>Hi everyone,
>
>I've recently begun looking into ways of automating the monitoring of
all my
>servers.  Whilst most of the Linux/BSD stuff is sorted, I am having more
>difficulties gathing the details of the Windows Boxes.
>
>The main source of problems is how to retrieve the event log details from a
>remote machine.  During my research I came across some old mailling list
>articules in 1999 regarding 'rpcclient' and a command that was
looking to get
>implented onto that for eventvwr.  Does anyone know if this work is still
going
>on?
>
>If rpcclient eventvwr support is no longer planned, can anyone make any
>suggestions of how to get the information using Linux/BSD tools.  I have
found a
>few tutorials on how to get the information using Perl, but these are when
also
>running Perl from a win32 operating system, I would like to monitor as much
as
>possible from the Linux boxes (currently using a mixture of SNMP tools, MRTG
&
>Nagios).
>
>Thanks in advance for any assistance offered.
>
>Lee.
>
>
>  
>
Actually, I'm interested in this as well, although the best way I know 
to retrieve event log info remotely is through WMI.  Unfortunately, 
there's no WMI implementation outside of Microsoft's on Windows (Windows
Scripting Host).  The best way I could see to do it would be to 
consolidate all the Event Logs via polling to a text file on a Windows 
box would could be shared or monitored from your Linux box via 
smbfs/nfs, etc.

Clint