Nagios alerting with Elasticsearch.

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
ankukreja
Posts: 45
Joined: Mon Dec 15, 2014 5:12 pm

Nagios alerting with Elasticsearch.

Post by ankukreja »

Hi ,

I am using ElasticSearch along with Logstash . Now I want Nagios to fire the query on ElasticSearch and fire the alert if count is greater than certain threshold. As you can see in below query , the count is coming as 31 and I want to fire alert in Nagios by hitting this curl.


[root@localhost Desktop]# curl -XGET
'http://localhost:9200/_count?q=oracle.j ... ocessError'
2>/dev/null | egrep -o '"count":[0-9]+' |cut -d":" -f2

31


Is there any way I can do that ?
Top
User avatar
rhassing
Posts: 416
Joined: Sat Oct 05, 2013 10:29 pm
Location: Netherlands

Re: Nagios alerting with Elasticsearch.

Post by rhassing »

Maybe the following would work:

Code: Select all

#! /bin/perl


use strict;
use Getopt::Long;
use vars qw($opt_V $opt_h $opt_w $opt_c $PROGNAME);
use lib "/usr/lib/nagios/plugins" ;
use utils qw(%ERRORS &print_revision &support &usage);

$PROGNAME = "check_ElasticSearch";

sub print_help ();
sub print_usage ();

$ENV{'PATH'}='';
$ENV{'BASH_ENV'}=''; 
$ENV{'ENV'}='';

Getopt::Long::Configure('bundling');
GetOptions
        ("V"   => \$opt_V, "version"    => \$opt_V,
         "h"   => \$opt_h, "help"       => \$opt_h,
         "w=s" => \$opt_w, "warning=s"  => \$opt_w,
         "c=s" => \$opt_c, "critical=s" => \$opt_c);

if ($opt_V) {
        print_revision($PROGNAME,'1.0.0');
        exit $ERRORS{'OK'};
}

if ($opt_h) {print_help(); exit $ERRORS{'OK'};}

($opt_w) || usage("Warning threshold not specified\n");
my $warning = $1 if ($opt_w =~ /([0-9]{1,2}|100)+/);
($warning) || usage("Invalid warning threshold: $opt_w\n");

($opt_c) || usage("Critical threshold not specified\n");
my $critical = $1 if ($opt_c =~ /([0-9]{1,2}|100)/);
($critical) || usage("Invalid critical threshold: $opt_c\n");

my $count=0;
$count = `curl -XGET 'http://localhost:9200/_count?q=oracle.jdbc.driver.T4C8Oall.processError' 2>/dev/null | /usr/bin/egrep -o '"count":[0-9]+' |/usr/bin/cut -d":" -f2`;

chomp $count;

        print "The current count is: $count | count=$count";

# print "The current count is: $count | count = $count,$opt_w,$opt_c ";

exit $ERRORS{'CRITICAL'} if ($count<$critical);
exit $ERRORS{'WARNING'} if ($count<$warning);
exit $ERRORS{'OK'};


sub print_usage () {
        print "Usage: $PROGNAME -w <warn> -c <crit>\n";
}

sub print_help () {
        print_revision($PROGNAME,'1.0.0');
        print "Copyright (c) 2015 Rob Hassing

This plugin does a query on ElasticSearch

";
        print_usage();
        print "
-w, --warning=INTEGER
   below which a WARNING status will result
-c, --critical=INTEGER
   below which a CRITICAL status will result

";
        support();
}
Rob Hassing
Image
Top
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Nagios alerting with Elasticsearch.

Post by ssax »

Thanks rhassing!

ankukreja, let us know if rhassing's solution worked for you.
Top
ankukreja
Posts: 45
Joined: Mon Dec 15, 2014 5:12 pm

Re: Nagios alerting with Elasticsearch.

Post by ankukreja »

ssax wrote:Thanks rhassing!

ankukreja, let us know if rhassing's solution worked for you.
I would try it after some time . However I have never created any perl plugin on Nagios or somewhere before . Is there any prerequisite for this , any installations etc or should I just save this as .pl in my /user/local/nagios/libexec folder and that would do the trick . Also I wanted this plugin it to be configurable to be able to run it for different keyword and with different threshold.

I am running on Centos. Please suggest the steps
Top
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: Nagios alerting with Elasticsearch.

Post by tmcdonald »

I assume you have perl installed already, so in that case you would just save it under /usr/local/nagios/libexec. If you do not have perl installed then you can just "yum install perl" to get it.

As for making it configurable, that would be up to rhassing if he wants to make the modifications. We can do minor tweaks here and there but full-on development work is something you would need to talk to our Sales team if you wanted us to do.
Former Nagios employee
Top
ankukreja
Posts: 45
Joined: Mon Dec 15, 2014 5:12 pm

Re: Nagios alerting with Elasticsearch.

Post by ankukreja »

rhassing wrote:Maybe the following would work:

Code: Select all

#! /bin/perl


use strict;
use Getopt::Long;
use vars qw($opt_V $opt_h $opt_w $opt_c $PROGNAME);
use lib "/usr/lib/nagios/plugins" ;
use utils qw(%ERRORS &print_revision &support &usage);

$PROGNAME = "check_ElasticSearch";

sub print_help ();
sub print_usage ();

$ENV{'PATH'}='';
$ENV{'BASH_ENV'}=''; 
$ENV{'ENV'}='';

Getopt::Long::Configure('bundling');
GetOptions
        ("V"   => \$opt_V, "version"    => \$opt_V,
         "h"   => \$opt_h, "help"       => \$opt_h,
         "w=s" => \$opt_w, "warning=s"  => \$opt_w,
         "c=s" => \$opt_c, "critical=s" => \$opt_c);

if ($opt_V) {
        print_revision($PROGNAME,'1.0.0');
        exit $ERRORS{'OK'};
}

if ($opt_h) {print_help(); exit $ERRORS{'OK'};}

($opt_w) || usage("Warning threshold not specified\n");
my $warning = $1 if ($opt_w =~ /([0-9]{1,2}|100)+/);
($warning) || usage("Invalid warning threshold: $opt_w\n");

($opt_c) || usage("Critical threshold not specified\n");
my $critical = $1 if ($opt_c =~ /([0-9]{1,2}|100)/);
($critical) || usage("Invalid critical threshold: $opt_c\n");

my $count=0;
$count = `curl -XGET 'http://localhost:9200/_count?q=oracle.jdbc.driver.T4C8Oall.processError' 2>/dev/null | /usr/bin/egrep -o '"count":[0-9]+' |/usr/bin/cut -d":" -f2`;

chomp $count;

        print "The current count is: $count | count=$count";

# print "The current count is: $count | count = $count,$opt_w,$opt_c ";

exit $ERRORS{'CRITICAL'} if ($count<$critical);
exit $ERRORS{'WARNING'} if ($count<$warning);
exit $ERRORS{'OK'};


sub print_usage () {
        print "Usage: $PROGNAME -w <warn> -c <crit>\n";
}

sub print_help () {
        print_revision($PROGNAME,'1.0.0');
        print "Copyright (c) 2015 Rob Hassing

This plugin does a query on ElasticSearch

";
        print_usage();
        print "
-w, --warning=INTEGER
   below which a WARNING status will result
-c, --critical=INTEGER
   below which a CRITICAL status will result

";
        support();
}

Thank you very much for this perl script . However I am facing one issue in this .

Running the command on shell gives correct result of 31 , however when I run the same perl script , it gives empty,

[root@localhost libexec]# curl -XGET 'http://192.168.182.129:9200/_count?q=or ... ocessError' 2>/dev/null | /bin/egrep -o '"count":[0-9]+' |/usr/bin/cut -d":" -f2
31
[root@localhost libexec]# perl check_ElasticSearch.pl -w 1 -c 2
The current count is: | count=[root@localhost libexec]#


I understand it is not something that Nagios is impacting , but still if could help.
Top
ankukreja
Posts: 45
Joined: Mon Dec 15, 2014 5:12 pm

Re: Nagios alerting with Elasticsearch.

Post by ankukreja »

Thank You very much everyone. It worked perfectly.
Top
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: Nagios alerting with Elasticsearch.

Post by tmcdonald »

I'll be closing this thread now, but feel free to open another if you need anything in the future!
Former Nagios employee
Top
Locked

Return to “Open Source Nagios Projects”