[Nagios-users] check_logfiles
Hello, I am trying to use the check_logfiles plugin that I found on the exchange to find some critical patterns in the logs. Here's the run of the command I am trying [db:~] root% /opt/nagios/libexec/check_logfiles --logfile=/u01/app/oracle/admin/ecom/bdump/alert_ecom1.log --tag=oracle --rotation=linux --criticalpattern='ORA-00600' --warningpattern='ORA-*' OK - no errors or warnings|oracle_lines=0 oracle_warnings=0 oracle_criticals=0 oracle_unknowns=0 This is what is in that logfile - [db07:~] root% grep 'ORA-00600' /u01/app/oracle/admin/ecom/bdump/alert_ecom1.log ORA-00600 - This is only a test.. please disregard But as you can see it's clearly not finding a pattern that I've specified. Does anybody out there have enough experience with this plugin to know what may be going wrong here? Trying to get this figured out. Thanks Tim -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles
Here's the run of the command I am trying [db:~] root% /opt/nagios/libexec/check_logfiles --logfile=/u01/app/oracle/admin/ecom/bdump/alert_ecom1.log --tag=oracle --rotation=linux --criticalpattern='ORA-00600' --warningpattern='ORA-*' OK - no errors or warnings|oracle_lines=0 oracle_warnings=0 oracle_criticals=0 oracle_unknowns=0 This is what is in that logfile - [db07:~] root% grep 'ORA-00600' /u01/app/oracle/admin/ecom/bdump/alert_ecom1.log ORA-00600 - This is only a test.. please disregard Try using the allyoucaneat option to test on the command line... IIRC, check_logfiles will only check a reasonable number of lines in the log file the first time, and from that point on only new ones. If that ORA-00600 is a long ways back, check_logfiles may not grok it. The allyoucaneat option should force the plugin to check *all* lines in the file. Benny -- Death rays, advanced technology or not, no creature wants to be stabbed in their hoo-hoo.-- Seen on zombiehunters.org -- Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Good Morning guys, You guys are awesome!! Well I don't know exactly what did it but its working!... I changed the check_nrpe_log to check_nrpe and I ran the touch command you asked me to run and when I restarted nagios boom it worked. And btw the hyphen was an error on my part..I copied and pasted the output into the email but I must have touched the mousepad or something and removed the space. I think I just needed a break. I was out Friday which is why didn't respond sooner. Thanks once again... Cheers, VL -Original Message- From: Gerhard Lausser [mailto:[EMAIL PROTECTED] Sent: Friday, April 18, 2008 9:31 AM To: 'Victor Lanza'; 'Jay R. Ashworth' Cc: nagios-users@lists.sourceforge.net Subject: AW: [Nagios-users] check_logfiles documentation Hi, CRITICAL -(17 errors, 1 warning) - [4/17/08 13:51:42:420 EDT] 0037 Jay is right, the code is sprintf %s - %s..., so there _must_ be a space after the hyphen. Besides that, the nagios servide definition is a bit special (there is no need for a command check_nrpe_log. call it check_nrpe because you want to use it not only for check_logfiles), but it should work. Login at rflx01app and make touch /tmp/check_logfiles; tail -f /tmp/check_logfiles As long as this file exists, check_logfiles writes debugging information in it. So you can watch, wether check_logfiles is executed at all when running under Nagios control. What we need to find out is, wether check_logfiles runs and produces output which nagios doesn't accept (which would be strange, because it works when you call check_nrpe manually) or if the error happens even before check_nrpe is executed. Can you also have a look at the nagios.log? Gerhard - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Hi, CRITICAL -(17 errors, 1 warning) - [4/17/08 13:51:42:420 EDT] 0037 Jay is right, the code is sprintf %s - %s..., so there _must_ be a space after the hyphen. Besides that, the nagios servide definition is a bit special (there is no need for a command check_nrpe_log. call it check_nrpe because you want to use it not only for check_logfiles), but it should work. Login at rflx01app and make touch /tmp/check_logfiles; tail -f /tmp/check_logfiles As long as this file exists, check_logfiles writes debugging information in it. So you can watch, wether check_logfiles is executed at all when running under Nagios control. What we need to find out is, wether check_logfiles runs and produces output which nagios doesn't accept (which would be strange, because it works when you call check_nrpe manually) or if the error happens even before check_nrpe is executed. Can you also have a look at the nagios.log? Gerhard - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Ok...Before I tackle the issue with Nagios not getting any feedback from
check_logfiles I decided to test the plugin locally on the host machine.
However I'm not getting the results I should am expecting.
I execute this at the command line:
Check_logfiles --tag=websphere
--logfile=/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/logs/rflxappserver1
/SystemOut.log --criticalpattern=java.lang.Exception: DBPool returned NULL
connection.
My results are:
OK - no errors or warning|websphere_lines=0 websphere_warnings=0
websphere_criticals=0 websphere_unknowns=0
However when I check the SystemOut.log, I see the line that contains that
error. Am I missing something?
-Original Message-
From: Jay R. Ashworth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 16, 2008 3:51 PM
To: Victor Lanza
Subject: Re: [Nagios-users] check_logfiles documentation
On Wed, Apr 16, 2008 at 03:31:05PM -0400, Victor Lanza wrote:
define command {
command_name check_nrpe_arg
command_line $USER1$/check_nrpe -p 5777 -H $HOSTADDRESS$ -t $ARG1$
c $ARG2$ -a $ARG3$
}
If that was copy and paste, note that what should be -c is missing te
hyphen, and that your port nunmber is non-standard (I came in late; you
might have done that on purpose).
If you're sending arguments and the target nrpe was configured to
reject them it will also bounce. But not the way you're seeing.
I've heard that some builds of the nrpe daemon are configured to use
TPC wrappers, and thus require a properly configured /etc/hosts.{allow,deny}
(which also implies adding nrpe to /etc/services).
Could one of those things be your problem?
Cheers,
-- jr '(just started yesterday. yes, I learn fast :-)' a
--
Jay R. Ashworth Baylink
[EMAIL PROTECTED]
Designer The Things I Think RFC
2100
Ashworth Associates http://baylink.pitas.com '87
e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647
1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin)
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
On Thu, Apr 17, 2008 at 11:33:52AM -0400, Victor Lanza wrote: Ok...Before I tackle the issue with Nagios not getting any feedback from check_logfiles I decided to test the plugin locally on the host machine. However I'm not getting the results I should am expecting. I execute this at the command line: Check_logfiles --tag=websphere --logfile=/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/logs/rflxappserver1 /SystemOut.log --criticalpattern=java.lang.Exception: DBPool returned NULL connection. My results are: OK - no errors or warning|websphere_lines=0 websphere_warnings=0 websphere_criticals=0 websphere_unknowns=0 However when I check the SystemOut.log, I see the line that contains that error. Am I missing something? You're running this on the monitored machine, not on the console machine, correct? If so, then there's some problem with check_logfiles. Do remember, though, that that comparison is likely to be case sensitive, and will certainly be sensitive to spacing and pucnctuation. This is also true of the logfilename itself, come to think of it. It *looks* as if you copied the error message into the command line, so that shouldn't be it, but I thought I'd mention it. Try changing one character in that logfilename to make sure you get the expected 'I can't find that logfile' error from check_logfiles... and if not, carefully double check that filename argument (and hang a bug against check_logfiles; 'I can't find that log file' probably ought to be an error condition; at least as a different status return (WARNING - logfile not found). Cheers, -- jra -- Jay R. Ashworth Baylink [EMAIL PROTECTED] Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com '87 e24 St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274 Those who cast the vote decide nothing. Those who count the vote decide everything. -- (Joseph Stalin) - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Hi guys, i just explained it to Victor in private mail, but this seems to be a FAQ. OK - no errors or warning|websphere_lines=0 websphere_warnings=0 ^^ ^^ .._lines=0 means that _no_ lines were scanned for patterns at all. Why? First, because check_logfiles only examines lines which were appended to the logfile since the last run. And second, if you run check_logfiles for the very first time, it does not start searching from the beginning of the file. It only initializes itself by positioning at the end-of-file. This was necessary to avoid alerts caused by very old error messages in the logfile. check_logfiles... and if not, carefully double check that filename argument (and hang a bug against check_logfiles; 'I can't find that log file' probably ought to be an error condition; at least as a different status return (WARNING - logfile not found). This message already exists: $ check_logfiles --logfile=/var/log/schmarrn.log --criticalpattern=kaas UNKNOWN - (1 unknown in check_logfiles.protocol-2008-04-17-19-32-10) - could not find logfile /var/log/schmarrn.log |default_lines=0 default_warnings=0 default_criticals=0 default_unknowns=1 (There is the option nologfilenocry which can be set in a configurationfile. With this option, a missing logfile is silently tolerated). Gerhard - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Thanks all!!...I literally was loosing it...I started arguing with my monitor..hehe.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gerhard Lausser Sent: Thursday, April 17, 2008 1:34 PM To: 'Jay R. Ashworth'; nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] check_logfiles documentation Hi guys, i just explained it to Victor in private mail, but this seems to be a FAQ. OK - no errors or warning|websphere_lines=0 websphere_warnings=0 ^^ ^^ .._lines=0 means that _no_ lines were scanned for patterns at all. Why? First, because check_logfiles only examines lines which were appended to the logfile since the last run. And second, if you run check_logfiles for the very first time, it does not start searching from the beginning of the file. It only initializes itself by positioning at the end-of-file. This was necessary to avoid alerts caused by very old error messages in the logfile. check_logfiles... and if not, carefully double check that filename argument (and hang a bug against check_logfiles; 'I can't find that log file' probably ought to be an error condition; at least as a different status return (WARNING - logfile not found). This message already exists: $ check_logfiles --logfile=/var/log/schmarrn.log --criticalpattern=kaas UNKNOWN - (1 unknown in check_logfiles.protocol-2008-04-17-19-32-10) - could not find logfile /var/log/schmarrn.log |default_lines=0 default_warnings=0 default_criticals=0 default_unknowns=1 (There is the option nologfilenocry which can be set in a configurationfile. With this option, a missing logfile is silently tolerated). Gerhard - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javao ne ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
On Thu, Apr 17, 2008 at 07:34:05PM +0200, Gerhard Lausser wrote: (There is the option nologfilenocry which can be set in a configurationfile. With this option, a missing logfile is silently tolerated). It's your plugin, then? That's a *classic* switch name. Cheers, -- jra -- Jay R. Ashworth Baylink [EMAIL PROTECTED] Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com '87 e24 St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274 Those who cast the vote decide nothing. Those who count the vote decide everything. -- (Joseph Stalin) - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Ok, so thanks to that small detail I was able to test the check_logfiles and
everything works like a charm, I get the seekfile as well as the protocol
file with results.
Now when I set up the commands again in Nagios and the service checks I get
the following in the interface:
(No output returned from plugin)
The command is set up this way:
define command{
command_namecheck_nrpe_log
command_line$USER1$/check_nrpe -p 5666 -H $HOSTADDRESS$ -c
$ARG1$
}
The service is set up this way:
define service{
use master-service
hostrflx01app
service_description Websphere Logs
check_command check_nrpe_log!check_logfiles
}
Now I try running the command via the command line from the Nagios server
(not the server being monitored) with the following:
check_nrpe -H 192.168.1.90 -p 5666 -c check_logfiles
This should be the equivalent of the command being issued by Nagios based on
the setup above. The results are:
CRITICAL -(17 errors, 1 warning) - [4/17/08 13:51:42:420 EDT] 0037
SystemOut 0 java.lang.Exception: DBPool returned NULL
connection. ...|websphere_lines=598 websphere_warnings=1
websphere_criticals=17 websphere_unknowns=0
Why can't Nagios receive or interpret these results? Do I need a separate
plugin for that? I haven't read much on NSCA but is that what I need? (I had
to learn that from scratch :( if that's the case)
Thanks all,
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jay R.
Ashworth
Sent: Thursday, April 17, 2008 2:22 PM
To: Gerhard Lausser
Cc: nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] check_logfiles documentation
On Thu, Apr 17, 2008 at 07:34:05PM +0200, Gerhard Lausser wrote:
(There is the option nologfilenocry which can be set in a
configurationfile. With this option, a missing logfile is silently
tolerated).
It's your plugin, then?
That's a *classic* switch name.
Cheers,
-- jra
--
Jay R. Ashworth Baylink
[EMAIL PROTECTED]
Designer The Things I Think RFC
2100
Ashworth Associates http://baylink.pitas.com '87
e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647
1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin)
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javao
ne
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
On Thu, Apr 17, 2008 at 03:20:20PM -0400, Victor Lanza wrote:
Ok, so thanks to that small detail I was able to test the check_logfiles and
everything works like a charm, I get the seekfile as well as the protocol
file with results.
Now when I set up the commands again in Nagios and the service checks I get
the following in the interface:
(No output returned from plugin)
The command is set up this way:
define command{
command_namecheck_nrpe_log
I suspect you don't want to do it that way.
command_line$USER1$/check_nrpe -p 5666 -H $HOSTADDRESS$ -c
$ARG1$
}
The service is set up this way:
define service{
use master-service
hostrflx01app
service_description Websphere Logs
check_command check_nrpe_log!check_logfiles
}
Now I try running the command via the command line from the Nagios server
(not the server being monitored) with the following:
check_nrpe -H 192.168.1.90 -p 5666 -c check_logfiles
This should be the equivalent of the command being issued by Nagios based on
the setup above. The results are:
CRITICAL -(17 errors, 1 warning) - [4/17/08 13:51:42:420 EDT] 0037
SystemOut 0 java.lang.Exception: DBPool returned NULL
connection. ...|websphere_lines=598 websphere_warnings=1
websphere_criticals=17 websphere_unknowns=0
Why can't Nagios receive or interpret these results? Do I need a separate
plugin for that? I haven't read much on NSCA but is that what I need? (I had
to learn that from scratch :( if that's the case)
No, if you can get to that point from the command line on the
monitoring machine, then you should be ok into Nagios, I would expect.
I see that the first hyphen on the response line is *not* followed by a
space, as I've come to expect... but I'll defer to Gerhard and others
on the formatting of the plugin return string; that's magic deeper than
mine at the moment.
Cheers,
-- jra
--
Jay R. Ashworth Baylink [EMAIL PROTECTED]
Designer The Things I Think RFC 2100
Ashworth Associates http://baylink.pitas.com '87 e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin)
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] check_logfiles documentation
Hi, Does anyone have a detailed doc written for configuring check_logfiles. I'm new to Nagios and Linux :-) and I've managed to install Nagios, NRPE, as well as the check_logfiles plugin. I've set up a few hosts, commands, and service checks with and without the use of NRPE and everything is working in that aspect. I'm just stuck on getting the plugin jumpstarted and the current documentation provided in the check_logs site is a bit overwhelming. I would greatly appreciate it. Thanks, - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
http://www.consol.de/opensource/nagios/check-logfiles Theres an english flag in the top left. Near the bottom of the page there's a link with a load of examples. On 4/16/08, Victor Lanza [EMAIL PROTECTED] wrote: Hi, Does anyone have a detailed doc written for configuring check_logfiles. I'm new to Nagios and Linux :-) and I've managed to install Nagios, NRPE, as well as the check_logfiles plugin. I've set up a few hosts, commands, and service checks with and without the use of NRPE and everything is working in that aspect. I'm just stuck on getting the plugin jumpstarted and the current documentation provided in the check_logs site is a bit overwhelming. I would greatly appreciate it. Thanks, - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
Kyle,
Thanks, but using this resource I wasn't able to get far. I'm sure that I'm
making a small mistake. Here is how I have my setup so far:
Nagios Monitoring Server: version 3.0.1
Commands.cfg:
define command {
command_name check_nrpe_arg
command_line $USER1$/check_nrpe -p 5777 -H $HOSTADDRESS$ -t $ARG1$
c $ARG2$ -a $ARG3$
}
Services.cfg:
define service{
use master-service
host rflx01app
service_description Log Files
check_command
check_nrpe_arg!20!check_logfiles!etc/$SERVICEDESC$
}
Host Being Monitored:
Nrpe.cfg:
command[check_logfiles]=/usr/local/nagios/libexec/check_logfiles -f
etc/check_websphere
check_websphere (located in /usr/local/nagios/etc/ along with the
nrpe.cfg)
\$seekfilesdir = '/usr/local/nagios/var/tmp';
# where the state information will be saved.
\$protocolsdir = '/usr/local/nagios/var/tmp';
# where protocols with found patterns will be stored.
\$scriptpath = '/usr/local/nagios/var/tmp';
# where scripts will be searched for.
\$MACROS = \{ CL_DISK01 = /dev/dsk/c0d1, CL_DISK02 = /dev/dsk/c0d2 \};
[EMAIL PROTECTED] = (
{
tag = 'websphere',
logfile =
'/opt/IBM/WebSphere/AppServer/profiles/AppSrv01/logs/rflxappserver1/SystemOu
t.log',
rotation = 'SystemOut',
criticalpatterns = ['java.lang.OutOfMemoryError', 'hung.*'],
options = 'noscript,protocol,nocount',
},
);
At my first attempt Nagios displayed an unknown status, but with this latest
config that I have above, Nagios now shows Connection refused by host.
Thanks again,
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, April 16, 2008 3:15 PM
To: Victor Lanza
Cc: Nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] check_logfiles documentation
http://www.consol.de/opensource/nagios/check-logfiles
Theres an english flag in the top left. Near the bottom of the page
there's a link with a load of examples.
On 4/16/08, Victor Lanza [EMAIL PROTECTED] wrote:
Hi,
Does anyone have a detailed doc written for configuring check_logfiles.
I'm
new to Nagios and Linux :-) and I've managed to install Nagios, NRPE, as
well as the check_logfiles plugin. I've set up a few hosts, commands, and
service checks with and without the use of NRPE and everything is working
in
that aspect. I'm just stuck on getting the plugin jumpstarted and the
current documentation provided in the check_logs site is a bit
overwhelming.
I would greatly appreciate it.
Thanks,
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] check_logfiles documentation
That was copy and paste and it was incorrect in my config file as well.
Thanks for pointing it out. :) I used that port (as a newbie that I am)
because I saw it in the examples provided online. I have no clue what this
value should really be.
You're right, the way I've configured NRPE is to used TCP wrappers, but I'm
100% sure this works as I send a simple check_disk command using NRPE and I
get the proper response. Furthermore, I do have nrpe added to /etc/services
and configured the nagios server to be allowed to communicate with the NRPE
daemon which can be proven by the issuing commands like the one above.
-Original Message-
From: Jay R. Ashworth [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 16, 2008 3:51 PM
To: Victor Lanza
Subject: Re: [Nagios-users] check_logfiles documentation
On Wed, Apr 16, 2008 at 03:31:05PM -0400, Victor Lanza wrote:
define command {
command_name check_nrpe_arg
command_line $USER1$/check_nrpe -p 5777 -H $HOSTADDRESS$ -t $ARG1$
c $ARG2$ -a $ARG3$
}
If that was copy and paste, note that what should be -c is missing te
hyphen, and that your port nunmber is non-standard (I came in late; you
might have done that on purpose).
If you're sending arguments and the target nrpe was configured to
reject them it will also bounce. But not the way you're seeing.
I've heard that some builds of the nrpe daemon are configured to use
TPC wrappers, and thus require a properly configured /etc/hosts.{allow,deny}
(which also implies adding nrpe to /etc/services).
Could one of those things be your problem?
Cheers,
-- jr '(just started yesterday. yes, I learn fast :-)' a
--
Jay R. Ashworth Baylink
[EMAIL PROTECTED]
Designer The Things I Think RFC
2100
Ashworth Associates http://baylink.pitas.com '87
e24
St Petersburg FL USA http://photo.imageinc.us +1 727 647
1274
Those who cast the vote decide nothing.
Those who count the vote decide everything.
-- (Joseph Stalin)
-
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] check_logfiles retaining state information
Hi All!
I am trying to implement check_logfiles and it is not behaving the way I
expect and I was hoping that someone might be able to help . My
config-file looks like this:
$seekfilesdir = '/var/tmp';
$protocolsdir = '/var/tmp';
@logs = (
{
tag = 'jimmo',
logfile = '/tmp/messages',
criticalpatterns = [ 'Handling the connection'],
},
);
If I copy /var/log/messages to /tmp/messages and then run
/usr/local/nagios/libexec/check_logfiles -v -f
/tmp/jimmo_somelogfiles.cfg
I get the output that I expect:
CRITICAL - (5293 errors in
jimmo_somelogfiles.protocol-2008-04-03-13-38-58) - Apr 3 13:38:42
nts-mgm-17 nsca[327]: Handling the connection... ...|jimmo_lines=33772
jimmo_warnings=0 jimmo_criticals=5293 jimmo_unknowns=0
If I run the command again it finds nothing, which I expect. If I delete
the seek and protocol files in /var/tmp, I would expect that that script
starts over. It has no information about the state, so it must logically
start over from the beginning of the file. However, it doesn't and I
get:
OK - no errors or warnings|jimmo_lines=0 jimmo_warnings=0
jimmo_criticals=0 jimmo_unknowns=0
If I add lines with 'Handling the connection' to /tmp/messages and run
check_logfiles again, it finds the lines I just added. If I remove
/tmp/messages and re-create after deleting the state files, it reports
the correct number of matches.
It seems that the state information is being kept somewhere other than
/var/tmp. The default is /tmp, but I found nothing there.
Any ideas if/where state data is being kept and/or how to force the
script to think that it should read the file from the beginning?
Best Regards,
Jim Mohr
-
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
