What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Search String in Event Log (Windows API) Sensor

Votes:

0

I try to filter a String in the Event Message. The Filter includes 2 tab-stops (EventID: 4624, String in the Event Message: Logon Type: 3).
I enter the string step by step.
After entering %Logon% - I have results, but not the rights.
After entering %Logon Type:% I have results, but not the rights.
After entering %Logon Type: 3% - I have no results.
Is it possible to use placeholders or wildcards for the 2 tab-stops in the string?

Thanks in advance!!

event-log--windows-api--sensor filter prtg string

Created on May 5, 2021 7:53:02 AM

Last change on May 5, 2021 8:20:06 AM by Felix Wiesneth [Paessler Support]



1 Reply

Votes:

0

Hello,

The sensor checks if the string configured as "filter" is part of the event-log-message for the event logs within the last scanning interval. You can use percent sign % as wildcard if you want to check if the string is part of the message. Otherwise, the whole event message must match the string. Maybe this article might help as well.

If you want us to take a closer look, feel free to send us screenshots of your settings and the corresponding windows event log to [email protected]

Created on May 7, 2021 11:22:48 AM by Timo Dambach [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.