Hitachi

JP1 Version 12 JP1/Automatic Job Management System 3 Command Reference

5.2.15 Windows event-log monitoring job definition

This paragraph explains how to specify a definition for a Windows event-log monitoring job.

The following gives the format of, and the parameters for a Windows event-log monitoring job definition.

Format
[ntlgt={sys|sec|app|dns|dir|frs|oth};]
[ntolg="any-log-type";]
[ntevt=[v[: i[: w[: e[: s[: c[: f]]]]]]];]
[ntnsr={y|n};]
[ntsrc="source";]
[ntncl={y|n};]
[ntcls="class";]
[ntnei={y|n};]
[nteid=event-ID;]
[ntdis="explanation";]
[jpoif=macro-variable-name:passing-information-name;]
[etm=n;]
[fd=time-required-for-execution;]
[ex="execution-agent-name";]
[ha={y|n};]
[eu={ent|def};]
[ets={kl|nr|wr|an};]
[mm={and|or};]
[nmg={y|n};]
[eun=name-of-the-unit-whose-end-is-being-waited-for;]
[ega={exec|execdeffer|none};]
[uem={y|n};]
Parameters
ntlgt={sys|sec|app|dns|dir|frs|oth};

Define a log type. The default is sys.

  • sys: Monitors a system log.

  • sec: Monitors a security log.

  • app: Monitors an application log.

  • dns: Monitors the DNS Server log.#

  • dir: Monitors the Directory Service log.#

  • frs: Monitors the file reproduction service log.#

  • oth: Monitors the log type specified as the any log type. You must specify the ntolg parameter together with this parameter.

#

This type can be defined only for Windows 2000.

ntolg="any-log-type";

Define the any log type to be monitored.

The number of characters you can specify is from 1 to 255 (bytes).

If you want to use a double quotation mark (") or a hash mark (#) as a character, prefix the character with #. That is, use #" instead of " and use ## instead of #.

If you specify oth for the ntlgt parameter, but do not specify this parameter, an error occurs. If you specify a value other than oth for the ntlgt parameter, and specify this parameter, an error occurs.

ntevt=[v[:i[:w[:e[:c[:s[:f]]]]]]];

Define an event type. By default, all the types are assumed.

  • v: Monitors a verbose event.

  • i: Monitors an information event.

  • w: Monitors a warning event.

  • e: Monitors an error event.

  • c: Monitors a critical event.

  • s: Monitors a success audit event.

  • f: Monitors a failure audit event.

ntnsr={y|n};

Define judgment conditions for a source to be monitored. The default is y.

  • y: Monitors a specified source.

  • n: Monitored the sources other than a specified one. This is equivalent to NOT.

ntsrc="source";

Define a source to be monitored.

You can set a character string of 1 to 255 bytes.

If you want to use a double quotation mark (") or a hash mark (#) as a character, prefix the character by #. That is, use #" instead of " and use ## instead of #.

ntncl={y|n};

Defines judgment conditions for an event class to be monitored. The default is y.

  • y: Monitors a specified class.

  • n: Monitors the classes other than a specified one. This is equivalent to NOT.

ntcls="class";

Define an event class to be monitored.

You can set a character string of 1 to 255 bytes.

If the system cannot identify the class of a Windows event, the Windows event viewer displays Others. If you want to monitor such an unclassified event, specify None instead of Others. Even if you specify a character string of Others, no monitoring conditions are applied.

ntnei={y|n};

Define judgment conditions for an event ID to be monitored. The default is y.

  • y: Monitors a specified event ID.

  • n: Monitors the IDs other than a specified event ID.

nteid=event-ID;

Define the event ID of an event to be monitored.

You can set 0 to 4,294,967,295.

ntdis="explanation";

To monitor the explanation of a specified event, define a character string for comparison.

You can set a character string of 1 to 1,024 bytes.

If you want to use a double quotation mark (") or a hash mark (#) as a character, prefix the character by #. That is, use #" instead of " and use ## instead of #.

Note that you can use a regular expression to specify the explanation.

jpoif=macro-variable-name:passing-information-name;

Set macro-variable-name as a character string of no more than 64 bytes, using the format ?AJS2xxxxx?. In the xxxxx part, you can use uppercase alphabetic characters (A to Z), numerals (0 to 9), and periods (.).

This parameter can contain up to 2,048 bytes in the "jpoif=macro-variable-name:passing-information-name;".

This parameter makes it possible to take over event information of subsequent Unix jobs, PC jobs, flexible jobs, HTTP connection jobs, and action jobs.

etm=n;

Define the time-out period using the relative minutes from the start time. You can set 1 to 1,440 minutes. This parameter is invalid for a job within the start condition.

fd=time-required-for-execution;

Define the time-required-for-execution within which the job is expected to be terminated.

You can specify a decimal value between 1 and 1,440 (minutes).

If you define this parameter as a start condition, it is disabled when a job is executed.

ex="execution-agent-name";

Define the name of the execution agent that is used to execute jobs.

You can set a character string of 1 to 255 bytes.

If you want to use a double quotation mark (") or a hash mark (#) as a character, prefix the character with #. That is, use #" instead of ", and use ## instead of #.

You can specify a macro variable.

ha={y|n};

Define whether to suspend job execution. The default is n. This parameter is invalid for a job within the start condition.

  • y: Suspends jobnet execution.

  • n: Does not suspend jobnet execution.

eu={ent|def};

Define the JP1 user who executes the job. The default is ent. This parameter is ignored in an event job.

  • ent: The JP1 user who registered the jobnet executes the job.

  • def: The JP1 user who owns the job executes the job.

ets={kl|nr|wr|an};

Define the state of the event job after the execution time-out period elapses. The default is kl. This parameter is invalid for a job within the start condition.

  • kl: Killed

  • nr: Ended normally

  • wr: Ended with warning

  • an: Ended abnormally

mm={and|or};

Define the wait method with respect to the specified units whose ends are being waited for.

The default is and.

  • and: Start executing at completion of all units whose ends are being waited for.

  • or: Start executing at completion of one of the units whose ends are being waited for.

nmg={y|n};

Define the behavior when there are no generations of the root jobnet for the specified unit whose end is being waited for.

The default is n.

  • y: Start executing.

  • n: Do not start executing.

eun=name-of-the-unit-whose-end-is-being-waited-for;

Define the full-path name of a unit whose end is being waited for.

To specify multiple units, repeat the parameter. You can specify a maximum of 32 units.

You can use a character string of 1 to 930 bytes as the unit name.

ega={exec|execdeffer|none};

Specify the behavior when a jobnet with start conditions is specified as the jobnet whose end is being waited for and the execution generation ends abnormally.

If you omit this option, the system assumes none.

  • exec: Start executing.

  • execdeffer: Do not start executing. However, if the execution generation is in the Skipped so not exe. status, start executing.

  • none: Do not start executing.

uem={y|n};

Specify the behavior when a jobnet with start conditions is specified as the jobnet whose end is being waited for and the monitoring generation is in the Unmonitored + Ended status.

If you omit this option, the system assumes n.

  • y: Start executing.

  • n: Do not start executing.

To Page Top

Copyright (C) 2019, 2022, Hitachi, Ltd.

Copyright (C) 2019, 2022, Hitachi Solutions, Ltd.