Do you guys recommend any good log monitoring plugins.(both windows and Linux)
also
I tried to setup Monitoring Windows Event Logs With NagEventLog and i followed the PDF but when i do generated test event nothing happens. what am i doing wrong.
Log Server Mointoring
Re: Log Server Mointoring
Hello,
For the purposes of log monitoring, I'm confident in recommending Nagios Log Server first and foremost - you should take a look at it if you haven't already. No plugin will beat the capability that Nagios Log Server offers.
With the above in mind, there are several plugins that can monitor logs remotely as well - I have had some success with check_log3. Let me know if that solution looks like it would work out for you.
You are free to browse our other solutions on the Nagios Exchange: http://exchange.nagios.org/directory/Plugins/Log-Files
Let me know if you have any further questions - if you give us some more detail about what exactly you'd like to accomplish, perhaps we could point out a tool suited for that particular job. Thanks!
For the purposes of log monitoring, I'm confident in recommending Nagios Log Server first and foremost - you should take a look at it if you haven't already. No plugin will beat the capability that Nagios Log Server offers.
With the above in mind, there are several plugins that can monitor logs remotely as well - I have had some success with check_log3. Let me know if that solution looks like it would work out for you.
You are free to browse our other solutions on the Nagios Exchange: http://exchange.nagios.org/directory/Plugins/Log-Files
Let me know if you have any further questions - if you give us some more detail about what exactly you'd like to accomplish, perhaps we could point out a tool suited for that particular job. Thanks!
Re: Log Server Mointoring
i am looking for a plugin that goes threw a log file and check for a specific word such as i wanna search messages file for errors. basically a search pattern
I tried to setup Monitoring Windows Event Logs With NagEventLog and i followed the PDF but when i do generated test event nothing happens. what am i doing wrong.
I tried to setup Monitoring Windows Event Logs With NagEventLog and i followed the PDF but when i do generated test event nothing happens. what am i doing wrong.
Re: Log Server Mointoring
check_log3 will work perfectly in this case. Do you already have NSClient or similar installed on your Windows Servers? You can use NSClient to perform the check_log3 check actively. Let me know if this is something you'd like to do.i am looking for a plugin that goes threw a log file and check for a specific word such as i wanna search messages file for errors. basically a search pattern
That is a difficult question to answer without having more information. What have you done already - and what is failing? Are there any error messages? Please give us some detail to start with, and we'll be happy to help you.I tried to setup Monitoring Windows Event Logs With NagEventLog and i followed the PDF but when i do generated test event nothing happens. what am i doing wrong.
-
snapon_admin
- Posts: 952
- Joined: Mon Jun 10, 2013 10:39 am
- Location: Kenosha, WI
- Contact:
Re: Log Server Mointoring
We use this plugin: http://exchange.nagios.org/directory/Pl ... es/details
We're only monitoring like 4 files for a specific string so we couldn't justify getting log server. If you're looking to monitor a lot of logs and want more functionality than just an alert when a string is found I would also recommend Nagios Log Server. We demoed it out for a bit, but I couldn't get people interested enough in it to send me their logs so it sort of fell through, but it worked well from what I saw.
We're only monitoring like 4 files for a specific string so we couldn't justify getting log server. If you're looking to monitor a lot of logs and want more functionality than just an alert when a string is found I would also recommend Nagios Log Server. We demoed it out for a bit, but I couldn't get people interested enough in it to send me their logs so it sort of fell through, but it worked well from what I saw.
Re: Log Server Mointoring
Appreciate the recommendation.
gdolidze, report back with any questions/concerns you have. Thanks!
gdolidze, report back with any questions/concerns you have. Thanks!
Re: Log Server Mointoring
So i have check_Log3 but i am getting permissions denied for /var/log/messages, using this command line
Unable to open '/var/log/messages': Permission denied $USER1$/check_log3.pl -l var/log/messages -p '[Ee]rror' -n nrpe
What user needs permission for this plugin.
check_log3.pl -l /var/log/messages -p '[Ee]rror' -n nrpe
i have tried linking it to a different location but there i get
Cannot read '/usr/local/nagios/logs/messages
i also tried giving others read permission but that doesn't work either
-rw-rw-r--. 1 root root 2957410 May 13 12:11 messages
Cannot read 'var/log/messages'
as the nagios user i can do cat /var/log/messages
Unable to open '/var/log/messages': Permission denied $USER1$/check_log3.pl -l var/log/messages -p '[Ee]rror' -n nrpe
What user needs permission for this plugin.
check_log3.pl -l /var/log/messages -p '[Ee]rror' -n nrpe
i have tried linking it to a different location but there i get
Cannot read '/usr/local/nagios/logs/messages
i also tried giving others read permission but that doesn't work either
-rw-rw-r--. 1 root root 2957410 May 13 12:11 messages
Cannot read 'var/log/messages'
as the nagios user i can do cat /var/log/messages
Re: Log Server Mointoring
Our introduction webinars are perfect for this purpose: https://www.youtube.com/watch?v=-_BNGBkBf5Y
The nagios user will be the one running the plugin, so the nagios user will need at least read access to /var/log/messages.
The safest way to do this is likely to add a line to /etc/sudoers with the explicit command you'd like the nagios user to run. For example:
Once added, the nagios user will need to use 'sudo' in front of the command:
You will have to edit your 'command' in the nagios GUI accordingly:
The nagios user will be the one running the plugin, so the nagios user will need at least read access to /var/log/messages.
The safest way to do this is likely to add a line to /etc/sudoers with the explicit command you'd like the nagios user to run. For example:
Code: Select all
nagios ALL = NOPASSWD:/usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1Code: Select all
[nagios@localhost ~]$ sudo /usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1
OK: Found 0 lines (limit=1/1): No matches found.|lines=0You do not have the required permissions to view the files attached to this post.
Re: Log Server Mointoring
I get this error (No output on stdout) stderr: sudo: no tty present and no askpass program specified
Re: Log Server Mointoring
If you log in as the nagios user, can you run the command on the box locally?
If you can, that's a great start. Are you using NRPE for remote checks? If so, would you mind posting your NRPE configuration?
Code: Select all
su - nagios
/usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1Code: Select all
cat /usr/local/nagios/etc/nrpe.cfg