I am trying to monitor security event logs from a Windows 2003 server so that if a particular security event is logged then Hyperic will log the event and create a alert for it. I have managed to easily achieve the same type of alerting for event log Warnings and Errors from the Application and System logs. However the Security log alert does not appear to work, am I missing something?
I could not find within the Alert Condition Set any way to define a security failure or success event as the available Event Log Levels all appear to be related to event levels recorded in the System/Application logs. Therefore I used a level of Any and a substring match of Logon Failure. I then proceeded to attempt to log onto the monitored server using the wrong user name and password, sure enough the events get logged in the Security log but no alert is generated within Hyperic.
Please help! Does anybody have working instructions on how to monitor the Windows Security event log using Hyperic? I have seen the instructions contained within the user documentation but they have not been able to help.