Hello,
I am looking for a check_log that has the option to allow for OK, Warn and Critical settings. So far the only check_log I have allows for Warn values but I really want something a little more flexible so my Nagios Core server will stop firing the alerts every time I get a blip in my logs. If someone can point me in the right direction with examples as well, that would be awesome.
Thanks.
check_log with options
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: check_log with options
It really depends on what you are looking to accomplish, but this is probably the most common log file plugin for Nagios Core
https://exchange.nagios.org/directory/P ... es/details
For a more full featured log monitoring platform please check out Nagios Log Server
https://www.nagios.com/products/nagios-log-server/
https://exchange.nagios.org/directory/P ... es/details
For a more full featured log monitoring platform please check out Nagios Log Server
https://www.nagios.com/products/nagios-log-server/
Re: check_log with options
Scott,
First off, thanks for the quick reply. Essentially, what I am looking for is this:
Example: I am using check_log to query on "503 - Server Not Found". The problem is, I can see this event happen in the log every now and then but there is a failover event that hits another server when this happens. What I would like Nagios Core to report on is this:
If you see <5 events in the log, consider this OK
If you see 5-15 events in the log, consider this a WARNING and fire an event
If you see >15 events in the log, consider this a CRITICAL and fire events.
Currently, check_log only has that ability to have -w which means anything above 0 but under the number after the -w is considered a WARNING until it hits that number then it is considered CRITICAL. I guess was I was looking for is an -o flag as well, so check_log <logfile><Oldlogfile> -q -o 4 -w 15 kind of thing.
I hope this makes sense.
Chris
First off, thanks for the quick reply. Essentially, what I am looking for is this:
Example: I am using check_log to query on "503 - Server Not Found". The problem is, I can see this event happen in the log every now and then but there is a failover event that hits another server when this happens. What I would like Nagios Core to report on is this:
If you see <5 events in the log, consider this OK
If you see 5-15 events in the log, consider this a WARNING and fire an event
If you see >15 events in the log, consider this a CRITICAL and fire events.
Currently, check_log only has that ability to have -w which means anything above 0 but under the number after the -w is considered a WARNING until it hits that number then it is considered CRITICAL. I guess was I was looking for is an -o flag as well, so check_log <logfile><Oldlogfile> -q -o 4 -w 15 kind of thing.
I hope this makes sense.
Chris
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: check_log with options
you can do all of this with either options I suggested.