we have some scripts that write event log entries during the execution. Since we want to monitor whether or not those scripts are running, a WMI Event Log Sensor seems like a perfect solution. I set up about 10 sensors for 10 scripts so far, and set the lower error threshold to 0,001#/s, since if a script is running, the number should be above that value and if it isn't running, there will be no (0#/s) entries. I also set the decimal point to "all". Works mostly fine so far, but unfortunately, there seem to be some issues.
I noticed that after a sensor was paused, it will return 0 upon the first query, even if there are entries created between its last execution, followed by pausing, and the current query. This sets the sensor to the down state, since according to the WMI Event Log Sensor manual page:
"If you define error limits for a sensor's channels, the sensor immediately shows the Down status. None of the interval options apply. If a channel uses lookup values, the sensor immediately shows the Down status. None of the interval options apply."
My question is, how does the WMI Event Log Sensor query the new entries and what is the reason for it showing 0 on the first query? Is there a workaround? At this point, it seems pretty useless for this scenario, since it would trigger notifications and show up red in system every time the sensor is unpaused/the script starts running, which means everyday.
Another issue I had is that I've seen sensors with the configuration described above triggering "down" status twice, both times because the query was executed about 1:30 minutes before it was supposed to according to the interval. Since the sensor interval is set to the same value as the script interval, it obviously found no entries, because there couldn't hav been any. What could be a reason for this kind of behavior and how, if at all, can it be prevented in the future?
We're running PRTG Version 20.4.64.1402+ on a Windows Server 2016. The sensors in question are running on both a remote and a local probe.
Add comment