System administration
Denis Kolmykov, 2014-07-03 15:29:11

How to properly configure Windows EventLog collection via SNMP?

I set up Windows logging on Zabbix server via SNMP traps.
Settings /etc/snmp/snmptrapd.conf

disableAuthorization yes
perl do "/usr/local/bin/zabbix_trap_receiver.pl"

Settings /usr/local/etc/zabbix_server.conf
SNMPTrapperFile=/tmp/zabbix_traps.tmp
StartSNMPTrapper=1

Accordingly, a standard Perl script is used.
The log distribution on Windows is done via evntwin.
Everything seems to work, but the messages come in this format:
16:16:35 2014/07/03 PDU INFO:
  notificationtype               TRAP
  version                        0
  receivedfrom                   UDP: [10.0.XXX.XXX]:61082->[10.0.XXX.YYY]
  errorstatus                    0
  messageid                      0
  community                      zabbix
  transactionid                  61
  errorindex                     0
  requestid                      0
VARBINDS:
  iso.3.6.1.2.1.1.3.0            type=67 value=Timeticks: (2976282) 8:16:02.82
  iso.3.6.1.6.3.1.1.4.1.0        type=6  value=OID: iso.3.6.1.4.1.311.1.13.1.23.83.101.114.118.105.99.101.32.67.111.110.116.114.111.108.32.77.97.110.97.103.101.114.0.1073748860
  iso.3.6.1.4.1.311.1.13.1.9999.1.0 type=4  value=Hex-STRING: D1 EB F3 E6 E1 E0 20 22 CF EB E0 ED E8 F0 EE E2 
F9 E8 EA 20 EA EB E0 F1 F1 EE E2 20 EC F3 EB FC 
F2 E8 EC E5 E4 E8 E0 22 20 EF E5 F0 E5 F8 EB E0 
20 E2 20 F1 EE F1 F2 EE FF ED E8 E5 20 CE F1 F2 
E0 ED EE E2 EB E5 ED E0 2E 0D 0A 
  iso.3.6.1.4.1.311.1.13.1.9999.2.0 type=4  value=STRING: "Unknown"
  iso.3.6.1.4.1.311.1.13.1.9999.3.0 type=4  value=STRING: "computer.domain.com"
  iso.3.6.1.4.1.311.1.13.1.9999.4.0 type=4  value=STRING: "4"
  iso.3.6.1.4.1.311.1.13.1.9999.5.0 type=4  value=STRING: "0"
  iso.3.6.1.4.1.311.1.13.1.9999.6.0 type=4  value=Hex-STRING: CF EB E0 ED E8 F0 EE E2 F9 E8 EA 20 EA EB E0 F1 
F1 EE E2 20 EC F3 EB FC F2 E8 EC E5 E4 E8 E0 
  iso.3.6.1.4.1.311.1.13.1.9999.7.0 type=4  value=Hex-STRING: CE F1 F2 E0 ED EE E2 EB E5 ED E0 
  iso.3.6.1.6.3.18.1.3.0         type=64 value=IpAddress: 10.0.XXX.XXX
  iso.3.6.1.6.3.18.1.4.0         type=4  value=STRING: "zabbix"
  iso.3.6.1.6.3.1.1.4.3.0        type=6  value=OID: iso.3.6.1.4.1.311.1.13.1.23.83.101.114.118.105.99.101.32.67.111.110.116.114.111.108.32.77.97.110.97.103.101.114

Can this be brought back to normal? Or at least send a message in normal encoding, not HEX numbers?
Tried Windows 7 and Windows 2003 Server. Zabbix version 2.0.8 on Ubuntu 12.04 Server.


1 answer(s)
Sergey SA, 2014-07-04
@resetsa

Just yesterday I struggled with such rubbish: it sends Russian messages in cp1251 in the form of hex.
I use snmptt, I screwed up a self-made transcoder from hex code to a string.
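
A hex-to-string transcoder of the kind the answer mentions, as an added example (not the answerer's script and not part of snmptt or Zabbix): it rejoins wrapped Hex-STRING varbinds in the layout shown in the question and decodes them as cp1251. The function names are hypothetical, and where the filter is hooked into the trap pipeline is left as an assumption.

```python
import re

# Constructed sample: varbind lines copied from the trap in the question.
SAMPLE = """\
  iso.3.6.1.4.1.311.1.13.1.9999.3.0 type=4  value=STRING: "computer.domain.com"
  iso.3.6.1.4.1.311.1.13.1.9999.6.0 type=4  value=Hex-STRING: CF EB E0 ED E8 F0 EE E2 F9 E8 EA 20 EA EB E0 F1
F1 EE E2 20 EC F3 EB FC F2 E8 EC E5 E4 E8 E0
  iso.3.6.1.4.1.311.1.13.1.9999.7.0 type=4  value=Hex-STRING: CE F1 F2 E0 ED EE E2 EB E5 ED E0
"""

HEX_START = re.compile(r"^(?P<head>.*value=)Hex-STRING:(?P<hex>(?:\s+[0-9A-Fa-f]{2})*)\s*$")
HEX_CONT = re.compile(r"^\s*(?:[0-9A-Fa-f]{2}\s+)*[0-9A-Fa-f]{2}\s*$")


def decode_hex(hex_text, encoding="cp1251"):
    """Turn 'D1 EB F3 ...' into text; undecodable bytes become U+FFFD."""
    text = bytes.fromhex("".join(hex_text.split())).decode(encoding, errors="replace")
    # Escape CR/LF and other control characters so that event text cannot
    # add extra lines to the trap file the monitoring server parses.
    return "".join(c if c.isprintable() else "\\x%02x" % ord(c) for c in text)


def transcode(lines, encoding="cp1251"):
    """Rewrite Hex-STRING varbinds (including wrapped ones) as STRING."""
    out, pending = [], None  # pending = (line head, hex chunks)

    def flush():
        nonlocal pending
        if pending:
            head, chunks = pending
            out.append('%sSTRING: "%s"' % (head, decode_hex(" ".join(chunks), encoding)))
            pending = None

    for line in lines:
        start = HEX_START.match(line)
        if start:
            flush()
            pending = (start.group("head"), [start.group("hex")])
        elif pending and HEX_CONT.match(line):
            pending[1].append(line)  # continuation of a wrapped hex dump
        else:
            flush()
            out.append(line)
    flush()
    return out


if __name__ == "__main__":
    print("\n".join(transcode(SAMPLE.splitlines())))
```

The encoding is a parameter because the sending host's ANSI code page decides it; cp1251 matches the Russian-language Windows hosts in this thread.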
