[GH-ISSUE #88] Feature Request: Event Log Check, Filter Source and/or Details #47

New issue

Closed

opened 2026-03-02 02:13:07 +03:00 by kerem · 1 comment

kerem commented 2026-03-02 02:13:07 +03:00

Owner

Copy link

Originally created by @bradhawkins85 on GitHub (Sep 1, 2020).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/88

Originally assigned to: @wh1te909 on GitHub.

Would it be possible to update the Event Log check to also take the event source and/or possibly even a string in the details in to consideration when running the check.
Some event id's belong to multiple sources and can trigger false alerts if just checking for a specific event id.

E.G. Event ID 5 belongs to VDS Basic Provider, IsolatedUserMode and Hyper-V-VmSwitch and not all of these need to be alerted when detected.

Originally created by @bradhawkins85 on GitHub (Sep 1, 2020). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/88 Originally assigned to: @wh1te909 on GitHub. Would it be possible to update the Event Log check to also take the event source and/or possibly even a string in the details in to consideration when running the check. Some event id's belong to multiple sources and can trigger false alerts if just checking for a specific event id. E.G. Event ID 5 belongs to VDS Basic Provider, IsolatedUserMode and Hyper-V-VmSwitch and not all of these need to be alerted when detected.

kerem 2026-03-02 02:13:07 +03:00

• closed this issue
• added the
  enhancement
  label

kerem commented 2026-03-02 02:13:08 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Sep 1, 2020):

will do! I am making big changes to how checks work on the agent, right now the status of pass/fail is being calculated agent side but instead will be sending the raw data to the RMM and calculate it there, this way have more flexibility in determining status and not having to release a new agent for a new request like this so can implement alot faster.

<!-- gh-comment-id:684513510 --> @wh1te909 commented on GitHub (Sep 1, 2020): will do! I am making big changes to how checks work on the agent, right now the status of pass/fail is being calculated agent side but instead will be sending the raw data to the RMM and calculate it there, this way have more flexibility in determining status and not having to release a new agent for a new request like this so can implement alot faster.

kerem referenced this issue 2026-03-14 01:49:17 +03:00

[GH-ISSUE #47] Feature Request: Variables #1959

kerem referenced this issue 2026-03-14 01:50:44 +03:00

[GH-ISSUE #48] Feature Request: Script Arguments #1960

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

1.0.0

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.20.1

v0.20.0

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.2

v0.18.1

v0.18.0

v0.17.5

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.5

v0.16.4

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.12

v0.15.11

v0.15.10

v0.15.9

v0.15.8

v0.15.7

v0.15.6

v0.15.5

v0.15.4

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.8

v0.14.7

v0.14.6

v0.14.5

v0.14.4

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.32

v0.4.31

v0.4.30

v0.4.29

v0.4.28

v0.4.27

v0.4.26

v0.4.25

v0.4.24

v0.4.23

v0.4.22

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

In Process

  

bug

  

bug

  

dev-triage

  

documentation

  

duplicate

  

enhancement

  

fixed

  

good first issue

  

help wanted

  

integration

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

requires agent update

  

security

  

ui tweak

  

wontfix

No labels

In Process

bug

bug

dev-triage

documentation

duplicate

enhancement

fixed

good first issue

help wanted

integration

invalid

pull-request

question

requires agent update

security

ui tweak

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/tacticalrmm#47

No description provided.