Reading Windows Event Logs

Video Lecture

Reading Windows Event Logs Reading Windows Event Logs Reading Windows Event Logs

Description

In this lecture I create an advanced item. The item reads the windows event logs and looks for the a specific windows event id 4625 which is also known as 'failed logon'.

The item type is Zabbix Agent (Active)

and the key is

1
eventlog[Security,,,,4625,,skip]

The type of information is Log

The duration to keep the data and the frequency of checking for the item is up to you.

I then log onto my windows VM and generate some failed logins.

I then see the failed login events in the Latest Data screen.

Windows Specific Item Keys