Would you like to learn how to use Zabbix to monitor Event log on Windows? In this tutorial, we are going to show you how to configure Zabbix to monitor a log file on a computer running Windows.

• Zabbix version: 4.2.6
• Windows version: 2012 R2

The computer running Windows must have the Zabbix agent installed.

Hardware List:

The following section presents the list of equipment used to create this Zabbix tutorial.

Every piece of hardware listed above can be found at Amazon website.

Zabbix Playlist:

On this page, we offer quick access to a list of videos related to Zabbix installation.

Don't forget to subscribe to our youtube channel named FKIT.

Zabbix Agent Configuration Required

First, the Zabbix agent installed on the Windows computer must be configured in Active mode.

Here is an example of a Zabbix agent configuration file in Passive mode: zabbix_agentd.conf

Copy to Clipboard

Here is an example of a Zabbix agent configuration file in Active mode: zabbix_agentd.conf

Copy to Clipboard

You have finished the required part of the configuration.

Tutorial - Zabbix Monitor Windows Log File

Now, we need to access the Zabbix server dashboard and add the Windows computer as a Host.

Open your browser and enter the IP address of your web server plus /zabbix.

In our example, the following URL was entered in the Browser:

• http://35.162.85.57/zabbix

On the login screen, use the default username and default password.

• Default Username: Admin
• Default Password: zabbix

zabbix login

After a successful login, you will be sent to the Zabbix Dashboard.

zabbix dashboard

On the dashboard screen, access the Configuration menu and select the Host option.

zabbix add host

On the top right of the screen, click on the Create host button.

Zabbix Create Host

On the Host configuration screen, you will have to enter the following information:

• Host Name - Enter a Hostname to monitor.
• Visible Hostname - Repeat the hostname.
• New group - Enter a name to identify a group of similar devices.
• Agent Interface - Enter the IP address of the Hostname.

Here is the original image, before our configuration.

zabbix linux - Antes

Here is the new image with our configuration.

Zabbix Windows host

Click on the Add button to include this host on the Zabbix database.

On the dashboard screen, access the Configuration menu and select the Host option.

zabbix add host

Locate and click on the hostname that you created before.

In our example, we selected the hostname: WINDOWS-SERVER-01

On the Host properties screen, access the Applications tab.

Zabbix Windows Service Application menu

On the top right part of the screen, click on the Create application button.

Zabbix Windows Service Application

On the Host applications screen, create a new application named: LOG

After finishing the Application creation, access the Items tab.

Zabbix Item Tab

On the top right part of the screen, click on the Create item button.

On the Item creation screen, you need to configure the following items:

• Name: Enter an identification like: Windows System Log

• Type: Zabbix Agent (Active)

• Key: eventlog[System,,,,,,skip]

• Type of Information: Log

• Update interval: 1 Second

• Application: LOG

zabbix monitor event log windows

Click on the Add button to finish the Item creation and wait 5 minutes.

In order to test your configuration, access the Monitoring menu and click on the Latest data option.

Zabbix Latest data

Use the filter configuration to select the desired hostname and click on the Apply button.

In our example, we selected the hostname WINDOWS-SERVER-01.

Zabbix Windows service Filter

You should be able to see the results of your Windows log file  monitoring using Zabbix.

Zabbix event log monitor windows

Click on the History option to see more Windows event log details.

In our example, we are monitoring the Windows System Event log.

Zabbix Windows Event log example

Congratulations! You have configured the Zabbix Event log monitoring feature on Windows.