Hi Team, We have created missing event detection monitor (Timer Set) and getting alerts even that event present in the Server Event Application Log. Just we gave to Event ID, Source, Type to match.

Hi, Can you post here your monitor's code (XML)?http://OpsMgr.ru/

There's a known issue with the missing event detection monitor. Create a support case and they will hand you a workaround...Rob Korving http://jama00.wordpress.com/

Hi Rob, just out of curiosity: Could you be a bit more specific about the known issue? This may save me from opening a case :) Thank you, Dirk

you dont have to anymore, cu5 has been released and includes the fix.Rob Korving http://jama00.wordpress.com/

Hello Team, I have an issue with the missing monitor configuration in CU5. Requirement: need to alert if the even id 9000 do not occur on a server for 30 minutes for 24/7. I have set up a missing event monitor that detects when the event 9000 doesn’t occur on server in 30 minutes and set it to critical. It also resets to healthy when it sees the 9000 event. Issue: For some reason this monitor goes to critical even though the event 9000 was logged on the server. Herewith I enclosed the monitoring configuration for your referance . Please correct me in monitoring configuration and suggest me in fixing this issue. <UnitMonitor ID="TestMP.Custom.Missing.Event9000.Application.AlertMonitor" Accessibility="Internal" Enabled="true" Target="TestMP.BY2MWC" ParentMonitorID="Health!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.MissingEventLogSingleEventLog2StateMonitorType" ConfirmDelivery="true"> <Category>Custom</Category> <AlertSettings AlertMessage="TestMP.Custom.Missing.Event9000.Application.AlertMonitor_AlertMessageResourceID"> <AlertOnState>Error</AlertOnState> <AutoResolve>false</AutoResolve> <AlertPriority>Normal</AlertPriority> <AlertSeverity>Error</AlertSeverity> </AlertSettings> <OperationalStates> <OperationalState ID="UIGeneratedOpStateIdeb52d79f01314758a4a911d5672174e2" MonitorTypeStateID="MissingEventRaised" HealthState="Error" /> <OperationalState ID="UIGeneratedOpStateId426dce4a4dd542699a1ae76bf65163c6" MonitorTypeStateID="EventRaised" HealthState="Success" /> </OperationalStates> <Configuration> <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName> <LogName>Application</LogName> <Expression> <And> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="UnsignedInteger">9000</Value> </ValueExpression> </SimpleExpression> </Expression> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="String">PublisherName</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="String">CTS Watcher</Value> </ValueExpression> </SimpleExpression> </Expression> </And> </Expression> <MissingComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</MissingComputerName> <MissingLogName>Application</MissingLogName> <MissingExpression> <And> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="UnsignedInteger">9000</Value> </ValueExpression> </SimpleExpression> </Expression> <Expression> <SimpleExpression> <ValueExpression> <XPathQuery Type="String">PublisherName</XPathQuery> </ValueExpression> <Operator>Equal</Operator> <ValueExpression> <Value Type="String">CTS Watcher</Value> </ValueExpression> </SimpleExpression> </Expression> </And> </MissingExpression> <Consolidator> <ConsolidationProperties /> <TimeControl> <GenericSchedule> <SimpleReccuringSchedule> <Interval Unit="Minutes">30</Interval> </SimpleReccuringSchedule> <ExcludeDates /> </GenericSchedule> </TimeControl> <CountingCondition> <CountMode>OnNewItemNOP_OnTimerOutputRestart</CountMode> </CountingCondition> </Consolidator> </Configuration> </UnitMonitor> sridhar v