Event Console
This article explains how to enable the Event Console within Checkmk.
LAST TESTED ON CHECKMK 2.0.0P1
Getting Started
Background information regarding this subject is available on our:
Overview
The Event Console (EC) is a very powerful tool to receive and process incoming events. While in the past, this might have been mainly SNMP traps (the classic), EC is also a very powerful way to monitor log files.
So instead of creating a service check for a log file only, we want to show you how to forward such log files to EC for much more precise log file monitoring.
The following graphic shows the way that theĀ Eventlog data is using from the source to the destination:
Basic Event Console Configuration
Enabling the Event Console
First, we have to enable the Event Console. How to achieve that depends on the kind of server you have.
Appliance
Use the Webconf to enable the Event Console:
If you only want to process log files, you can leave the syslog/SNMP trap options unticked.
Common Checkmk Server (i.e., installed on a self-hosted Linux)
Use "omd config" from the command line to enable the Event Console:
Enabling the Message Archiving
Without having any rule packs and rules in the Event Console, all incoming events would simply be dropped. For debugging and to get started with the Event Console, we recommend to enable the message archiving in Setup/Events/Event Console:
After activating this option and activating the changes, all events (that do not match any rules) will be put into the event archive and can be watched in the view "Recent Event History".
Related articles