config/director/Invoke-IcingaCheckEventlog.json

{"DataList":{"IcingaCheckEventlog IncludeEntryType":{"list_name":"IcingaCheckEventlog IncludeEntryType","originalId":"2","entries":[{"allowed_roles":null,"entry_value":"Information","entry_name":"Information","format":"string"},{"allowed_roles":null,"entry_value":"Warning","entry_name":"Warning","format":"string"},{"allowed_roles":null,"entry_value":"Error","entry_name":"Error","format":"string"},{"allowed_roles":null,"entry_value":"SuccessAudit","entry_name":"SuccessAudit","format":"string"},{"allowed_roles":null,"entry_value":"FailureAudit","entry_name":"FailureAudit","format":"string"}],"owner":"stein"},"PowerShell ExecutionPolicies":{"list_name":"PowerShell ExecutionPolicies","originalId":"2","entries":[{"allowed_roles":null,"entry_value":"AllSigned","entry_name":"AllSigned","format":"string"},{"allowed_roles":null,"entry_value":"Bypass","entry_name":"Bypass","format":"string"},{"allowed_roles":null,"entry_value":"Default","entry_name":"Default","format":"string"},{"allowed_roles":null,"entry_value":"RemoteSigned","entry_name":"RemoteSigned","format":"string"},{"allowed_roles":null,"entry_value":"Restricted","entry_name":"Restricted","format":"string"},{"allowed_roles":null,"entry_value":"Undefined","entry_name":"Undefined","format":"string"},{"allowed_roles":null,"entry_value":"Unrestricted","entry_name":"Unrestricted","format":"string"}],"owner":"stein"},"IcingaCheckEventlog Verbosity":{"list_name":"IcingaCheckEventlog Verbosity","originalId":"2","entries":[{"allowed_roles":null,"entry_value":"0","entry_name":"0","format":"string"},{"allowed_roles":null,"entry_value":"1","entry_name":"1","format":"string"},{"allowed_roles":null,"entry_value":"2","entry_name":"2","format":"string"},{"allowed_roles":null,"entry_value":"3","entry_name":"3","format":"string"}],"owner":"stein"},"IcingaCheckEventlog ExcludeEntryType":{"list_name":"IcingaCheckEventlog 
ExcludeEntryType","originalId":"2","entries":[{"allowed_roles":null,"entry_value":"Information","entry_name":"Information","format":"string"},{"allowed_roles":null,"entry_value":"Warning","entry_name":"Warning","format":"string"},{"allowed_roles":null,"entry_value":"Error","entry_name":"Error","format":"string"},{"allowed_roles":null,"entry_value":"SuccessAudit","entry_name":"SuccessAudit","format":"string"},{"allowed_roles":null,"entry_value":"FailureAudit","entry_name":"FailureAudit","format":"string"}],"owner":"stein"}},"Command":{"PowerShell Base":{"methods_execute":"PluginCheck","object_name":"PowerShell Base","vars":{"IcingaPowerShellBase_String_ExecutionPolicy":"ByPass"},"is_string":null,"command":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","zone":null,"disabled":false,"fields":[{"datafield_id":2,"is_required":"n","var_filter":null}],"arguments":{"-ExecutionPolicy":{"value":"$IcingaPowerShellBase_String_ExecutionPolicy$","order":"-1"},"-NoProfile":{"set_if":true,"order":"-3"},"-NoLogo":{"set_if":true,"order":"-2"}},"imports":[],"object_type":"object","timeout":"180"},"Invoke-IcingaCheckEventlog":{"fields":[{"datafield_id":4,"is_required":"n","var_filter":null},{"datafield_id":5,"is_required":"n","var_filter":null},{"datafield_id":6,"is_required":"n","var_filter":null},{"datafield_id":7,"is_required":"n","var_filter":null},{"datafield_id":8,"is_required":"n","var_filter":null},{"datafield_id":9,"is_required":"n","var_filter":null},{"datafield_id":10,"is_required":"n","var_filter":null},{"datafield_id":11,"is_required":"n","var_filter":null},{"datafield_id":12,"is_required":"n","var_filter":null},{"datafield_id":13,"is_required":"n","var_filter":null},{"datafield_id":14,"is_required":"n","var_filter":null},{"datafield_id":15,"is_required":"n","var_filter":null},{"datafield_id":16,"is_required":"n","var_filter":null},{"datafield_id":17,"is_required":"n","var_filter":null},{"datafield_id":18,"is_required":"n","var_filter":null},{"datafield_id
":19,"is_required":"n","var_filter":null},{"datafield_id":20,"is_required":"n","var_filter":null},{"datafield_id":21,"is_required":"n","var_filter":null},{"datafield_id":22,"is_required":"n","var_filter":null},{"datafield_id":23,"is_required":"n","var_filter":null}],"object_name":"Invoke-IcingaCheckEventlog","arguments":{"-Before":{"value":"$IcingaCheckEventlog_Object_Before$","order":"16"},"-NoPerfData":{"set_if":"$IcingaCheckEventlog_Switchparameter_NoPerfData$","set_if_format":"string","order":"99"},"-IncludeMessage":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_IncludeMessage$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"11"},"-IncludeSource":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_IncludeSource$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"13"},"-After":{"value":"$IcingaCheckEventlog_Object_After$","order":"15"},"-IncludeEventId":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_IncludeEventId$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else 
{\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"5"},"-LogName":{"value":"$IcingaCheckEventlog_String_LogName$","order":"4"},"-C":{"value":"try { Use-Icinga -Minimal; } catch { Write-Output \u0027The Icinga PowerShell Framework is either not installed on the system or not configured properly. Please check https://icinga.com/docs/windows for further details\u0027; Write-Output \u0027Error:\u0027 $$($$_.Exception.Message)Components:`r`n$$( Get-Module -ListAvailable \u0027icinga-powershell-*\u0027 )`r`n\u0027Module-Path:\u0027`r`n$$($$Env:PSModulePath); exit 3; }; Exit-IcingaExecutePlugin -Command \u0027Invoke-IcingaCheckEventlog\u0027 ","order":"0"},"-ThresholdInterval":{"value":"$IcingaCheckEventlog_String_ThresholdInterval$","order":"100"},"-ExcludeSource":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_ExcludeSource$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"14"},"-ExcludeUsername":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_ExcludeUsername$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"8"},"-ExcludeEntryType":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_ExcludeEntryType$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = 
len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"10"},"-IncludeEntryType":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_IncludeEntryType$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"9"},"-MaxEntries":{"value":"$IcingaCheckEventlog_Int32_MaxEntries$","order":"17"},"-Verbosity":{"value":"$IcingaCheckEventlog_Int32_Verbosity$","order":"18"},"-ExcludeEventId":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_ExcludeEventId$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"6"},"-Critical":{"value":"$IcingaCheckEventlog_Object_Critical$","order":"3"},"-DisableTimeCache":{"set_if":"$IcingaCheckEventlog_Switchparameter_DisableTimeCache$","set_if_format":"string","order":"99"},"-Warning":{"value":"$IcingaCheckEventlog_Object_Warning$","order":"2"},"-IncludeUsername":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_IncludeUsername$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 
x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"7"},"-ExcludeMessage":{"value":{"body":"var arr = macro(\"$IcingaCheckEventlog_Array_ExcludeMessage$\");\r\n if (len(arr) == 0) {\r\n return \"@()\";\r\n }\r\n return arr.map(\r\n x =\u003e if (typeof(x) == String) {\r\n var argLen = len(x);\r\n if (argLen != 0 \u0026\u0026 x.substr(0,1) == \"\u0027\" \u0026\u0026 x.substr(argLen - 1, argLen) == \"\u0027\") {\r\n x;\r\n } else {\r\n \"\u0027\" + x + \"\u0027\";\r\n }\r\n } else {\r\n x;\r\n }\r\n ).join(\",\");","type":"Function"},"order":"12"}},"imports":["PowerShell Base"],"object_type":"object","vars":{"IcingaCheckEventlog_Switchparameter_NoPerfData":false,"IcingaCheckEventlog_Switchparameter_DisableTimeCache":false}}},"Datafield":{"16":{"settings":{"visibility":"visible"},"description":"Used to specify an array of message sources within the eventlog to be included.","caption":"IncludeSource","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"16","varname":"IcingaCheckEventlog_Array_IncludeSource","format":null},"7":{"settings":{"visibility":"visible"},"description":"Used to specify a certain log.","caption":"LogName","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"7","varname":"IcingaCheckEventlog_String_LogName","format":null},"5":{"settings":{"visibility":"visible"},"description":"Used to specify a Warning threshold.","caption":"Warning","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"5","varname":"IcingaCheckEventlog_Object_Warning","format":null},"21":{"settings":{"visibility":"visible"},"description":"Switch to disable the time cache on a check. 
If this parameter is set, the time cache is disabled.\nWith the time cache enabled, once the check has been run, the next check instance filters through the eventlog from the point where the last check ended.\nWhen the time cache is disabled, the whole eventlog is checked instead.","caption":"DisableTimeCache","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeBoolean","originalId":"21","varname":"IcingaCheckEventlog_Switchparameter_DisableTimeCache","format":null},"18":{"settings":{"visibility":"visible"},"description":"Used to specify time data of which point the plugin should start to read event logs from.\nYou can either use a fixed date and time like \"2021/01/30 12:00:00\", a fixed day \"2021/01/30\" or use more dynamic approaches like \"1d\", \"10h\" and so on.\n\nAllowed units: ms, s, m, h, d, w, M, y","caption":"After","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"18","varname":"IcingaCheckEventlog_Object_After","format":null},"12":{"settings":{"datalist":"IcingaCheckEventlog IncludeEntryType","behavior":"strict","data_type":"array"},"description":"Used to specify an array of entry types within the eventlog to be included. 
Please note that\n`SuccessAudit` and `FailureAudit` only apply to the `Security` EventLog.","caption":"IncludeEntryType","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeDatalist","originalId":"12","varname":"IcingaCheckEventlog_Array_IncludeEntryType","format":null},"10":{"settings":{"visibility":"visible"},"description":"Used to specify an array of usernames within the eventlog to be included.","caption":"IncludeUsername","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"10","varname":"IcingaCheckEventlog_Array_IncludeUsername","format":null},"2":{"settings":{"datalist":"PowerShell ExecutionPolicies","behavior":"strict","data_type":"string"},"description":"Defines the Execution Policy with which PowerShell is started","caption":"PowerShell Execution Policy","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeDatalist","originalId":"2","varname":"IcingaPowerShellBase_String_ExecutionPolicy","format":null},"22":{"settings":{"visibility":"visible"},"description":"Used to disable PerfData.","caption":"NoPerfData","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeBoolean","originalId":"22","varname":"IcingaCheckEventlog_Switchparameter_NoPerfData","format":null},"8":{"settings":{"visibility":"visible"},"description":"Used to specify an array of events identified by their id to be included.","caption":"IncludeEventId","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"8","varname":"IcingaCheckEventlog_Array_IncludeEventId","format":null},"17":{"settings":{"visibility":"visible"},"description":"Used to specify an array of message sources within the eventlog to be excluded.","caption":"ExcludeSource","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"17","varname":"IcingaCheckEventlog_Array_ExcludeSource","format":null},"11":{"settings":{"visibility":"visible"},"description":"Used to specify an array of usernames within the eventlog to be 
excluded.","caption":"ExcludeUsername","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"11","varname":"IcingaCheckEventlog_Array_ExcludeUsername","format":null},"9":{"settings":{"visibility":"visible"},"description":"Used to specify an array of events identified by their id to be excluded.","caption":"ExcludeEventId","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"9","varname":"IcingaCheckEventlog_Array_ExcludeEventId","format":null},"14":{"settings":{"visibility":"visible"},"description":"Used to specify an array of messages within the eventlog to be included.","caption":"IncludeMessage","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"14","varname":"IcingaCheckEventlog_Array_IncludeMessage","format":null},"20":{"settings":{"visibility":"visible"},"description":"Limits the number of log entries fetched by Get-WinEvent, to increase performance and reduce the impact on system load.\nShould match the average number of log files written during the filtered time range","caption":"MaxEntries","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeNumber","originalId":"20","varname":"IcingaCheckEventlog_Int32_MaxEntries","format":null},"15":{"settings":{"visibility":"visible"},"description":"Used to specify an array of messages within the eventlog to be excluded.","caption":"ExcludeMessage","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeArray","originalId":"15","varname":"IcingaCheckEventlog_Array_ExcludeMessage","format":null},"23":{"settings":{"datalist":"IcingaCheckEventlog Verbosity","behavior":"strict","data_type":"string"},"description":"Changes the behavior of the plugin output which check states are printed:\n0 (default): Only service checks/packages with state not OK will be printed\n1: Only services with not OK will be printed including OK checks of affected check packages including Package config\n2: Everything will be printed regardless of the check state\n3: 
Identical to Verbose 2, but prints in addition the check package configuration e.g (All must be [OK])","caption":"Verbosity","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeDatalist","originalId":"23","varname":"IcingaCheckEventlog_Int32_Verbosity","format":null},"6":{"settings":{"visibility":"visible"},"description":"Used to specify a Critical threshold.","caption":"Critical","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"6","varname":"IcingaCheckEventlog_Object_Critical","format":null},"4":{"settings":{"visibility":"visible"},"description":"Change the value your defined threshold checks against from the current value to a collected time threshold of the Icinga for Windows daemon, as described here: https://icinga.com/docs/icinga-for-windows/latest/doc/service/10-Register-Service-Checks/ An example for this argument would be 1m or 15m which will use the average of 1m or 15m for monitoring.","caption":"ThresholdInterval","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"4","varname":"IcingaCheckEventlog_String_ThresholdInterval","format":null},"19":{"settings":{"visibility":"visible"},"description":"Used to specify time data of which point the plugin should stop considering event logs.\nYou can either use a fixed date and time like \"2021/01/30 12:00:00\", a fixed day \"2021/01/30\" or use more dynamic approaches like \"1d\", \"10h\" and so on.\n\nBy using \"2h\" for example, log files of the last 2 hours will be ignored. 
Please ensure to manually set the `-After` argument and ensure you go back\nfurther in time with the `-After` argument than the `-Before` argument.\n\nAllowed units: ms, s, m, h, d, w, M, y","caption":"Before","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeString","originalId":"19","varname":"IcingaCheckEventlog_Object_Before","format":null},"13":{"settings":{"datalist":"IcingaCheckEventlog ExcludeEntryType","behavior":"strict","data_type":"array"},"description":"Used to specify an array of entry types within the eventlog to be excluded. Please note that\n`SuccessAudit` and `FailureAudit` only apply to the `Security` EventLog.","caption":"ExcludeEntryType","datatype":"Icinga\\Module\\Director\\DataType\\DataTypeDatalist","originalId":"13","varname":"IcingaCheckEventlog_Array_ExcludeEntryType","format":null}}}