check_log not outputting CRITICAL line content

[dhhh]

I'm trying to get the check_log plugin working on a simple application log file that checks for multiple errors in a single line but the Status Information field in the Nagios dashboard only outputs "(1)" and not the line that triggered the CRITICAL alert when it correctly detects one of the errors.

I have the following in the nrpe.cfg:

Code: Select all

command[check_blah_log_errors]=sudo /usr/lib64/nagios/plugins/check_log -F /foo/foot.log -O /foo/foo.log.old.nagios -q '.*`date +%Y-%m-%d`T.*error: error_string_1_here\|error_string_2_here\|error_string_3_here\|error_string_4_here'

What needs to change to fix this? I've read about splitting the four strings into four separate checks but I'm looking to do over a dozen checks on the same server and would prefer to not have to if possible.

[mcapra]

NRPE does not run commands in a shell (it uses popen), and subsequently cannot perform Bash substitution as you're attempting to do here:

Code: Select all

`date +%Y-%m-%d`

I can't say for certain if that's what is causing your issue, but it stands out.

[dhhh]

NRPE does not run commands in a shell (it uses popen), and subsequently cannot perform Bash substitution as you're attempting to do here:

You're right. Removing that from the line helped make it work.

Interstingly, although my original post doesn't have it, I used bash substitution for the log file names with the date too and THAT actually doesn't break (maybe coz that takes place within the sudo command itself?).