Log monitoring

Post by **eloyd** » Mon Mar 28, 2016 6:20 pm

For what it's worth, NLS would run on a separate box and syslog could send data to it. But that's just a suggestion.

emartine · Post by **emartine** » Tue Mar 29, 2016 8:23 am

I'm sure it is. In the mean time I need to get these checks working in nagios xi.

Post by **eloyd** » Tue Mar 29, 2016 8:28 am

What happens when you execute this on the remote host as the nagios user:

Code: Select all

/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/kpi/kpi.log -p Processing -p End -p Start -s /var/log/seek_files/check_log3_kpi_completion.seek -w 1 -c 1

And what happens when you execute this on the Nagios host as the nagios user:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <REMOTEHOST> -c check_log3.pl -a "-l /weblogs/PRODUCTION/kpi/kpi.log -p Processing -p End -p Start -s /var/log/seek_files/check_log3_kpi_completion.seek -w 1 -c 1"

emartine · Post by **emartine** » Tue Mar 29, 2016 9:47 am

As the Nagios user on the remote server when I execute

1)
/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/kpi/kpi.log -p Processing -p End -p Start -s /var/log/seek_files/check_log3_kpi_completion.seek -w 1 -c 1
OK: Found 0 lines (limit=1/1): No matches found.|lines=0

From the Nagios Server as requested
2)
/usr/local/nagios/libexec/check_nrpe -H <REMOTEHOST> -c check_log3.pl -a "-l /weblogs/PRODUCTION/kpi/kpi.log -p Processing -p End -p Start -s /var/log/seek_files/check_log3_kpi_completion.seek -w 1 -c 1"
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

From the Nagios Server using nrpe as configured on remote host (note the output is different since the seek file already found the 52 lines prior to this check)
3)
/usr/local/nagios/libexec/check_nrpe -H <REMOTEHOST> -c check_log3_kpi_completion
OK: Found 0 lines (limit=1/1): No matches found.|lines=0

Post by **eloyd** » Tue Mar 29, 2016 10:27 am

To cover all bases, did you change "<REMOTEHOST>" to be the actual IP/hostname of the remote server?

emartine · Post by **emartine** » Tue Mar 29, 2016 10:35 am

Of course.

Post by **eloyd** » Tue Mar 29, 2016 10:46 am

Sorry, just have to ask. Sometimes people just copy/paste without reading first.

What happens with this as nagios user on the Nagios server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <REMOTEHOST>

rkennedy · Post by **rkennedy** » Tue Mar 29, 2016 10:56 am

Additionally, please run the command @eloyd posted, as well as this one -

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <REMOTEHOST> -n

Can you also post your client NRPE configuration for us to look at?

emartine · Post by **emartine** » Tue Mar 29, 2016 11:12 am

pid_file=/var/run/nrpe.pid
server_port=5666
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=<REMOTEHOSTS>
dont_blame_nrpe=1
debug=1
command_timeout=60
connection_timeout=300

command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_processors]=/usr/local/nagios/libexec/check_processor
command[check_meta]=/usr/local/nagios/libexec/check_disksuite.pl
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
command[check_fs_space]=/usr/local/nagios/libexec/check_fs.pl -w 85% -c 95%
command[check_nic]=/usr/local/nagios/libexec/check_solaris_nics.sh -i e1000g0 -i e1000g1
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_procs]=/usr/local/nagios/libexec/check_procs -w 500 -c 600
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 500 -c 600
command[check_zpools]=/usr/local/nagios/libexec/check_zpools
command[check_log3_kpi_sql]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/kpi/kpi.log -p NzSQLException -s /var/log/seek_files/check_log3_kpi_sql.seek -w 1 -c 1
command[check_log3_kpi_after]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/kpi/kpi.log -d -s /var/log/seek_files/check_log3_kpi_after.seek -w 1 -c 1
command[check_log3_kpi_completion]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/kpi/kpi.log -p Processing -p End -p Start -s /var/log/seek_files/check_log3_kpi_com
pletion.seek -w 1 -c 1
command[check_log3_landingpage_deletelist]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/landingpage/landingpage.log -p "Totals list items to delete is" -s /var/log
/seek_files/check_log3_landingpage_deletelist.seek -a --negate -w 1 -c 1
command[check_log3_landingpage_deleteall]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/landingpage/landingpage.log -p "Landing Page delete all begins" -s /var/log/
seek_files/check_log3_landingpage_deleteall.seek -a --negate -w 1 -c 1
command[check_log3_landingpage_housekeeping]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/landingpage/landingpage.log -p "Landing Page Housekeeping ends" -s /var/l
og/seek_files/check_log3_landingpage_housekeeping.seek -a --negate -w 1 -c 1
command[check_log3_pmo_eclipseapi]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/pmo/pmo.log -p "Nightly Job Eclipse API call and parsing - Start" -s /var/log/seek_
files/check_log3_pmo_eclipseapi.seek -a --negate -w 1 -c 1
command[check_log3_pmo_completed]=/usr/local/nagios/libexec/check_log3.pl -l /weblogs/PRODUCTION/pmo/pmo.log -p "Night updates completed" -s /var/log/seek_files/check_log3_pmo_compl
eted.seek -a --negate -w 1 -c 1

emartine · Post by **emartine** » Tue Mar 29, 2016 11:17 am

/usr/local/nagios/libexec/check_nrpe -H formapps
NRPE v2.12

/usr/local/nagios/libexec/check_nrpe -H formapps -n
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

Nagios Support Forum

Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring

Re: Log monitoring