diff options
Diffstat (limited to 'src/libnetdata/log/nd_wevents_manifest.xml')
-rw-r--r-- | src/libnetdata/log/nd_wevents_manifest.xml | 295 |
1 files changed, 295 insertions, 0 deletions
diff --git a/src/libnetdata/log/nd_wevents_manifest.xml b/src/libnetdata/log/nd_wevents_manifest.xml new file mode 100644 index 000000000..9e326c1cb --- /dev/null +++ b/src/libnetdata/log/nd_wevents_manifest.xml @@ -0,0 +1,295 @@ +<?xml version="1.0" encoding="UTF-8"?> +<instrumentationManifest + xmlns="http://schemas.microsoft.com/win/2004/08/events" + xmlns:win="http://manifests.microsoft.com/win/2004/08/windows/events" + xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <instrumentation> + <events> + + <provider name="Netdata" + guid="{96c5ca72-9bd8-4634-81e5-000014e7da7a}" + symbol="ND_PROVIDER_NAME" + messageFileName="%SystemRoot%\System32\nd_wevents.dll" + resourceFileName="%SystemRoot%\System32\nd_wevents.dll" + parameterFileName="%SystemRoot%\System32\nd_wevents.dll" + message="$(string.ND_PROVIDER_NAME)"> + + <!-- Define the channels --> + <channels> + <channel name="Netdata/Daemon" + symbol="ND_CHANNEL_DAEMON" + type="Operational"/> + + <channel name="Netdata/Collectors" + symbol="ND_CHANNEL_COLLECTORS" + type="Operational"/> + + <channel name="Netdata/Access" + symbol="ND_CHANNEL_ACCESS" + type="Operational"/> + + <channel symbol="ND_CHANNEL_HEALTH" + name="Netdata/Alerts" + type="Operational"/> + + <channel name="Netdata/ACLK" + symbol="ND_CHANNEL_ACLK" + type="Operational"/> + </channels> + + <levels> + </levels> + + <opcodes> + </opcodes> + + <tasks> + <task name="Daemon" value="1" eventGUID="{00000000-0000-0000-0000-000000000000}" message="$(string.Task.Daemon)"/> + <task name="Collector" value="2" eventGUID="{00000000-0000-0000-0000-000000000000}" message="$(string.Task.Collector)"/> + <task name="Access" value="3" eventGUID="{00000000-0000-0000-0000-000000000000}" message="$(string.Task.Access)"/> + <task name="Health" value="4" eventGUID="{00000000-0000-0000-0000-000000000000}" message="$(string.Task.Health)"/> + <task name="Aclk" value="5" eventGUID="{00000000-0000-0000-0000-000000000000}" message="$(string.Task.Aclk)"/> + </tasks> + + <templates> + <template tid="NetdataLogTemplate"> + <!-- 0 (NDF_STOP) should not be here %1 is Timestamp, %64 is the Message --> + <data name="Timestamp" inType="win:UnicodeString"/> <!-- 1 (NDF_TIMESTAMP_REALTIME_USEC) --> + <data name="Program" inType="win:UnicodeString"/> <!-- 2 (NDF_SYSLOG_IDENTIFIER) --> + <data name="NetdataLogSource" inType="win:UnicodeString"/> <!-- 3 (NDF_LOG_SOURCE) --> + <data name="Level" inType="win:UnicodeString"/> <!-- 4 (NDF_PRIORITY) --> + <data name="UnixErrno" inType="win:UnicodeString"/> <!-- 5 (NDF_ERRNO) --> + <data name="WindowsLastError" inType="win:UnicodeString"/> <!-- 6 (NDF_WINERROR) --> + <data name="InvocationID" inType="win:UnicodeString"/> <!-- 7 (NDF_INVOCATION_ID) --> + <data name="CodeLine" inType="win:UInt32"/> <!-- 8 (NDF_LINE) --> + <data name="CodeFile" inType="win:UnicodeString"/> <!-- 9 (NDF_FILE) --> + <data name="CodeFunction" inType="win:UnicodeString"/> <!-- 10 (NDF_FUNC) --> + <data name="ThreadID" inType="win:UInt32"/> <!-- 11 (NDF_TID) --> + <data name="ThreadName" inType="win:UnicodeString"/> <!-- 12 (NDF_THREAD_TAG) --> + <data name="MessageID" inType="win:UnicodeString"/> <!-- 13 (NDF_MESSAGE_ID) --> + <data name="Module" inType="win:UnicodeString"/> <!-- 14 (NDF_MODULE) --> + <data name="Node" inType="win:UnicodeString"/> <!-- 15 (NDF_NIDL_NODE) --> + <data name="Instance" inType="win:UnicodeString"/> <!-- 16 (NDF_NIDL_INSTANCE) --> + <data name="Context" inType="win:UnicodeString"/> <!-- 17 (NDF_NIDL_CONTEXT) --> + <data name="Dimension" inType="win:UnicodeString"/> <!-- 18 (NDF_NIDL_DIMENSION) --> + <data name="SourceTransport" inType="win:UnicodeString"/> <!-- 19 (NDF_SRC_TRANSPORT) --> + <data name="AccountID" inType="win:UnicodeString"/> <!-- 20 (NDF_ACCOUNT_ID) --> + <data name="UserName" inType="win:UnicodeString"/> <!-- 21 (NDF_USER_NAME) --> + <data name="UserRole" inType="win:UnicodeString"/> <!-- 22 (NDF_USER_ROLE) --> + <data name="UserPermissions" inType="win:UnicodeString"/> <!-- 23 (NDF_USER_ACCESS) --> + <data name="SourceIP" inType="win:UnicodeString"/> <!-- 24 (NDF_SRC_IP) --> + <data name="SourceForwardedHost" inType="win:UnicodeString"/> <!-- 25 (NDF_SRC_PORT) --> + <data name="SourceForwardedFor" inType="win:UnicodeString"/> <!-- 26 (NDF_SRC_FORWARDED_HOST) --> + <data name="SourcePort" inType="win:UInt32"/> <!-- 27 (NDF_SRC_FORWARDED_FOR) --> + <data name="SourceCapabilities" inType="win:UnicodeString"/> <!-- 28 (NDF_SRC_CAPABILITIES) --> + <data name="DestinationTransport" inType="win:UnicodeString"/> <!-- 29 (NDF_DST_TRANSPORT) --> + <data name="DestinationIP" inType="win:UnicodeString"/> <!-- 30 (NDF_DST_IP) --> + <data name="DestinationPort" inType="win:UInt32"/> <!-- 31 (NDF_DST_PORT) --> + <data name="DestinationCapabilities" inType="win:UnicodeString"/> <!-- 32 (NDF_DST_CAPABILITIES) --> + <data name="RequestMethod" inType="win:UnicodeString"/> <!-- 33 (NDF_REQUEST_METHOD) --> + <data name="ResponseCode" inType="win:UInt32"/> <!-- 34 (NDF_RESPONSE_CODE) --> + <data name="ConnectionID" inType="win:UnicodeString"/> <!-- 35 (NDF_CONNECTION_ID) --> + <data name="TransactionID" inType="win:UnicodeString"/> <!-- 36 (NDF_TRANSACTION_ID) --> + <data name="ResponseSentBytes" inType="win:UInt64"/> <!-- 37 (NDF_RESPONSE_SENT_BYTES) --> + <data name="ResponseSizeBytes" inType="win:UInt64"/> <!-- 38 (NDF_RESPONSE_SIZE_BYTES) --> + <data name="ResponsePreparationTimeUsec" inType="win:UInt64"/> <!-- 39 (NDF_RESPONSE_PREPARATION_TIME_USEC) --> + <data name="ResponseSentTimeUsec" inType="win:UInt64"/> <!-- 40 (NDF_RESPONSE_SENT_TIME_USEC) --> + <data name="ResponseTotalTimeUsec" inType="win:UInt64"/> <!-- 41 (NDF_RESPONSE_TOTAL_TIME_USEC) --> + <data name="AlertID" inType="win:UnicodeString"/> <!-- 42 (NDF_ALERT_ID) --> + <data name="AlertUniqueID" inType="win:UnicodeString"/> <!-- 43 (NDF_ALERT_UNIQUE_ID) --> + <data name="AlertTransitionID" inType="win:UnicodeString"/> <!-- 44 (NDF_ALERT_TRANSITION_ID) --> + <data name="AlertEventID" inType="win:UnicodeString"/> <!-- 45 (NDF_ALERT_EVENT_ID) --> + <data name="AlertConfig" inType="win:UnicodeString"/> <!-- 46 (NDF_ALERT_CONFIG_HASH) --> + <data name="AlertName" inType="win:UnicodeString"/> <!-- 47 (NDF_ALERT_NAME) --> + <data name="AlertClass" inType="win:UnicodeString"/> <!-- 48 (NDF_ALERT_CLASS) --> + <data name="AlertComponent" inType="win:UnicodeString"/> <!-- 49 (NDF_ALERT_COMPONENT) --> + <data name="AlertType" inType="win:UnicodeString"/> <!-- 50 (NDF_ALERT_TYPE) --> + <data name="AlertExec" inType="win:UnicodeString"/> <!-- 51 (NDF_ALERT_EXEC) --> + <data name="AlertRecipient" inType="win:UnicodeString"/> <!-- 52 (NDF_ALERT_RECIPIENT) --> + <data name="AlertDuration" inType="win:UInt64"/> <!-- 53 (NDF_ALERT_DURATION) --> + <data name="AlertValue" inType="win:Double"/> <!-- 54 (NDF_ALERT_VALUE) --> + <data name="AlertOldValue" inType="win:Double"/> <!-- 55 (NDF_ALERT_VALUE_OLD) --> + <data name="AlertStatus" inType="win:UnicodeString"/> <!-- 56 (NDF_ALERT_STATUS) --> + <data name="AlertOldStatus" inType="win:UnicodeString"/> <!-- 57 (NDF_ALERT_STATUS_OLD) --> + <data name="Source" inType="win:UnicodeString"/> <!-- 58 (NDF_ALERT_SOURCE) --> + <data name="AlertUnits" inType="win:UnicodeString"/> <!-- 59 (NDF_ALERT_UNITS) --> + <data name="AlertSummary" inType="win:UnicodeString"/> <!-- 60 (NDF_ALERT_SUMMARY) --> + <data name="AlertInfo" inType="win:UnicodeString"/> <!-- 61 (NDF_ALERT_INFO) --> + <data name="AlertNotificationTime" inType="win:UInt64"/> <!-- 62 (NDF_ALERT_NOTIFICATION_REALTIME_USEC) --> + <data name="Request" inType="win:UnicodeString"/> <!-- 63 (NDF_REQUEST) --> + <data name="Message" inType="win:UnicodeString"/> <!-- 64 (NDF_MESSAGE) --> + </template> + </templates> + + <events> + <!-- Daemon Events --> + <event symbol="ND_EVENT_DAEMON_INFO" + value="0x1000" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Daemon" + level="win:Informational" + task="Daemon" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_DAEMON_WARNING" + value="0x1001" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Daemon" + level="win:Warning" + task="Daemon" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_DAEMON_ERROR" + value="0x1002" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Daemon" + level="win:Error" + task="Daemon" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <!-- Collector Events --> + <event symbol="ND_EVENT_COLLECTOR_INFO" + value="0x2000" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Collectors" + level="win:Informational" + task="Collector" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_COLLECTOR_WARNING" + value="0x2001" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Collectors" + level="win:Warning" + task="Collector" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_COLLECTOR_ERROR" + value="0x2002" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/Collectors" + level="win:Error" + task="Collector" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <!-- Access Events --> + <event symbol="ND_EVENT_ACCESS_INFO" + value="0x3000" + message="$(string.ND_ACCESS_EVENT_MESSAGE)" + channel="Netdata/Access" + level="win:Informational" + task="Access" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_ACCESS_WARNING" + value="0x3001" + message="$(string.ND_ACCESS_EVENT_MESSAGE)" + channel="Netdata/Access" + level="win:Warning" + task="Access" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_ACCESS_ERROR" + value="0x3002" + message="$(string.ND_ACCESS_EVENT_MESSAGE)" + channel="Netdata/Access" + level="win:Error" + task="Access" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <!-- Health Events --> + <event symbol="ND_EVENT_HEALTH_INFO" + value="0x4000" + message="$(string.ND_HEALTH_EVENT_MESSAGE)" + channel="Netdata/Alerts" + level="win:Informational" + task="Health" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_HEALTH_WARNING" + value="0x4001" + message="$(string.ND_HEALTH_EVENT_MESSAGE)" + channel="Netdata/Alerts" + level="win:Warning" + task="Health" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_HEALTH_ERROR" + value="0x4002" + message="$(string.ND_HEALTH_EVENT_MESSAGE)" + channel="Netdata/Alerts" + level="win:Error" + task="Health" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <!-- ACLK Events --> + <event symbol="ND_EVENT_ACLK_INFO" + value="0x5000" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/ACLK" + level="win:Informational" + task="Aclk" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_ACLK_WARNING" + value="0x5001" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/ACLK" + level="win:Warning" + task="Aclk" + opcode="win:Info" + template="NetdataLogTemplate"/> + + <event symbol="ND_EVENT_ACLK_ERROR" + value="0x5002" + message="$(string.ND_GENERIC_LOG_MESSAGE)" + channel="Netdata/ACLK" + level="win:Error" + task="Aclk" + opcode="win:Info" + template="NetdataLogTemplate"/> + + </events> + </provider> + </events> + </instrumentation> + + <localization> + <resources culture="en-US"> + <stringTable> + <string id="Task.Daemon" value="ND Daemon Log"/> + <string id="Task.Collector" value="ND Collector Log"/> + <string id="Task.Access" value="ND Access Log"/> + <string id="Task.Health" value="ND Health Log"/> + <string id="Task.Aclk" value="ND ACLK Log"/> + + <string id="ND_PROVIDER_NAME" value="Netdata"/> + <string id="ND_GENERIC_LOG_MESSAGE" value="%64"/> + <string id="ND_ACCESS_EVENT_MESSAGE" + value="Transaction %36, method: %33, path: %63 + + Source IP : %24, Forwarded-For: %27 + User : %21, role: %22, permissions: %23 + Timings (usec): prep %39, sent %40, total %41 + Response Size : sent %37, uncompressed %38 + Response Code : %34 +"/> + <string id="ND_HEALTH_EVENT_MESSAGE" + value="Alert '%47' of instance '%16' on node '%15', transitioned from %57 to %56"/> + </stringTable> + </resources> + </localization> +</instrumentationManifest> |