CheckEventLog notifications

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
jonathan.ward
Posts: 5
Joined: Tue Jul 12, 2011 5:50 am

CheckEventLog notifications

Post by jonathan.ward »

Hi,

I have a generic CheckEventLog query for the system and application logs, which has taken some time to get working due to this being completely new to me!

My problem is that I have got all my errors in either log going into my Nagios console, however only 1 is being reported by email. I believe this is because the state is remaining critical and the nagios service only reports state changes by default. How can I get it to email every new event in the logs?

in other words I have servers with lots of regular errors and want them all being sent to my inbox (for the time being!)

Can anyone point me in the right direction

Many Thanks

J
mguthrie
Posts: 4380
Joined: Mon Jun 14, 2010 10:21 am

Re: CheckEventLog notifications

Post by mguthrie »

In Nagios, notifications and events are based on the state changes. You could set the "notification_interval" to be the same as your check_interval. That way it will continue to notify you when the state is critical. However, this doesn't guarantee unique alerts for bad log entries. For this you'd probably have to hard code into the check to email you every time it found something in a non-OK state. Here's more detail on notifications:
http://nagios.sourceforge.net/docs/3_0/ ... tions.html
jonathan.ward
Posts: 5
Joined: Tue Jul 12, 2011 5:50 am

Re: CheckEventLog notifications

Post by jonathan.ward »

Thanks for the response

It's kida what I expected, rather disappointing too!

Does anyone recommend any better ways of monitoring Windows logs with Nagios?
jonathan.ward
Posts: 5
Joined: Tue Jul 12, 2011 5:50 am

Re: CheckEventLog notifications

Post by jonathan.ward »

mguthrie wrote:In Nagios, notifications and events are based on the state changes. You could set the "notification_interval" to be the same as your check_interval. That way it will continue to notify you when the state is critical. However, this doesn't guarantee unique alerts for bad log entries. For this you'd probably have to hard code into the check to email you every time it found something in a non-OK state. Here's more detail on notifications:
http://nagios.sourceforge.net/docs/3_0/ ... tions.html
How can I hardcode this into the check? any tips around?

thank in advance
mguthrie
Posts: 4380
Joined: Mon Jun 14, 2010 10:21 am

Re: CheckEventLog notifications

Post by mguthrie »

First, take a look at the NagEventLog on exchange.nagios.org, and it might be worth browsing what else is on exchange for this, because someone may have already written what you need.

Second, a quick and dirty way to have the output emailed to you every time it's ok a non-OK state would be to simply add the contents of the "notify-service-by-email" event handler into your check script, and replace the macros with the variables from the script.
jonathan.ward
Posts: 5
Joined: Tue Jul 12, 2011 5:50 am

Re: CheckEventLog notifications

Post by jonathan.ward »

Thanks for that I will give it all a try :)
Locked