This topic describes how to extend IBM Director Event Subscriber Client to support additional CIM events.
The IBM Director Event Subscriber Client ships with a CIM event source library. This library can support multiple CIM queries simultaneously (acting as a temporary consumer to the CIM object manager for each query). Query information is provided via extension files that are loaded when the CIM event source library is loaded.
When the Event Subscriber Client TWGESCLI.EXE is started, it loads and initializes the CIM event source library (ESCIM.DLL). This library, in turn, searches for CIM extension files. To be discovered by the CIM event source library, a CIM extension file must:
A CIM extension file is a file that is loaded by the CIM event source library when the Event Subscriber Client is started.
To add a new CIM extension file, create a file in the bin subdirectory of Director, using the convention cim*.ini, where * is one or more alphanumeric characters that uniquely identify the file.
This file should contain a header section and one or more query sections. The format of each section is as follows:
text=@TargetInstance.MessageFor literal values, the event text can contain substitution variables. The place holders for these values are specified using the format: %n, where n is a positive integer starting with 1. For example:
text=The %1 Service has startedThe value of these substitution variables are defined using the variables and variable.n keywords.
variable.1=@TargetInstance.DisplayName
[CIM] locale=en group=ntevt name=Windows NT Event Log sections=application, security, system [application] name=Application namespace=\\.\ROOT\CIMV2 query=SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA "Win32_NTLogEvent" AND TargetInstance.Logfile = "Application" language=WQL text=@TargetInstance.Message severity=HARMLESS variables=1 variable.1=Application [security] name=Security namespace=\\.\ROOT\CIMV2 query=SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA "Win32_NTLogEvent" AND TargetInstance.Logfile = "Security" language=WQL text=@TargetInstance.Message severity=HARMLESS variables=1 variable.1=Security [system] name=System namespace=\\.\ROOT\CIMV2 query=SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA "Win32_NTLogEvent" AND TargetInstance.Logfile = "System" language=WQL text=@TargetInstance.Message severity=HARMLESS variables=1 variable.1=System