Hi Team,
We have a new requirement for our Windows servers as below:
"Using Nagios, monitor the logs and based on some keywords (like errors, warning, etc) send an email alert having appropriate information about it."
Logpath:
D:\Oracle\Middleware\Oracle_Home\user_projects\domains\webshop_domain\servers\webshop-merchandising\logs\webshop-merchandising.out
In order to meet this, we have checked one article from Nagios Support knowledgebase:
https://support.nagios.com/kb/article/l ... s-787.html
After reading the article, we are a little confused about which would be the best plugin to meet our requirements. Also, I downloaded check_ncpa.py plugin and tried to monitor the logs using it, but getting some error regarding path, we are actually not sure about the command section, what all parameters are there and how to use them.
I would be really thankful to you if you can provide a proper step by step document to meet the requirement or let us know what plugin should we use and also help us with the command section.
Thanks in advance!!
Logs Monitoring using Nagios
Logs Monitoring using Nagios
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Logs Monitoring using Nagios
I would use check_nrpe's check_log file command. The example given is:
./check_nrpe -H 10.25.11.3 -c check_logfile -a file="C:\\Logs\\server.log" filter="line like 'Failed'" top-syntax='${status}: ${count}/${total} matches' 'crit= count > 0'
Installing nsclient++ and configuring it to use NRPE are covered in:
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
./check_nrpe -H 10.25.11.3 -c check_logfile -a file="C:\\Logs\\server.log" filter="line like 'Failed'" top-syntax='${status}: ${count}/${total} matches' 'crit= count > 0'
Installing nsclient++ and configuring it to use NRPE are covered in:
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Logs Monitoring using Nagios
Hello,
We have installed check_log3 plugin and tested to check logs using the same.
PFA the command screen shot and the error that we getting for the same. We have used this plugin because we are using Nagios XI and I found that this plugin is suitable for Nagios XI.
Kindly help us with the error and let us know if any additional ports needs to be opened for the same.
We have installed check_log3 plugin and tested to check logs using the same.
PFA the command screen shot and the error that we getting for the same. We have used this plugin because we are using Nagios XI and I found that this plugin is suitable for Nagios XI.
Kindly help us with the error and let us know if any additional ports needs to be opened for the same.
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Logs Monitoring using Nagios
This plugin needs to reside on the same machine that the log files are on. You'll need to use nsclient++ or ncpa to execute the plugin:
https://support.nagios.com/kb/article/n ... t-528.html
https://support.nagios.com/kb/article/n ... a-722.html
https://support.nagios.com/kb/article/n ... t-528.html
https://support.nagios.com/kb/article/n ... a-722.html
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Logs Monitoring using Nagios
Hello Cdienger,
We have installed the check_log3 plugin on the Windows client server. After the installation, we tried checking it on a test file and we are getting the below error:
Cannot read 'C:\Users\TEMP.SHAREDEV.011\Downloads\test.txt'
PFB the details of log file and plugin path on Windows client server:
1. Path for plugin: C:\Users\TEMP.SHAREDEV.011\Downloads
2. Path for test file (log file): C:\Users\TEMP.SHAREDEV.011\Downloads
I am attaching nsc.ini file of the client server here. Also, I am attaching the command and service definition.
Please have a look at them and let me know what I have missed. I probably need to do some changes in nsc.ini file.
We have installed the check_log3 plugin on the Windows client server. After the installation, we tried checking it on a test file and we are getting the below error:
Cannot read 'C:\Users\TEMP.SHAREDEV.011\Downloads\test.txt'
PFB the details of log file and plugin path on Windows client server:
1. Path for plugin: C:\Users\TEMP.SHAREDEV.011\Downloads
2. Path for test file (log file): C:\Users\TEMP.SHAREDEV.011\Downloads
I am attaching nsc.ini file of the client server here. Also, I am attaching the command and service definition.
Please have a look at them and let me know what I have missed. I probably need to do some changes in nsc.ini file.
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Logs Monitoring using Nagios
Check the permissions on the file. The part of the script that appears to be throwing the error is:
"-f" verifies if the file is a plain file. I'm not entirely sure what is meant by this(I assume a simple text file would be "plain" enough...), but you can also try changing the script to verify if the file exists or not by changing it:
Code: Select all
if (! -f "$log_file") {
if ($missing) {
# Custom error message & state
print "$missing_msg\n";
exit $ERRORS{uc($missing)};
} else {
# Standard error message
my $errstr = "Cannot read '$log_file'";
$errstr = "Cannot read '$log_file$log_pattern' or '$log_file'" if $log_pattern;
ioerror($errstr);
}
}Code: Select all
if (! -e "$log_file") {
if ($missing) {
# Custom error message & state
print "$missing_msg\n";
exit $ERRORS{uc($missing)};
} else {
# Standard error message
my $errstr = "Cannot read '$log_file'";
$errstr = "Cannot read '$log_file$log_pattern' or '$log_file'" if $log_pattern;
ioerror($errstr);
}
}As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Logs Monitoring using Nagios
Hello,
I have tried changing the script as per your suggestion but getting the same error.
I have also checked the file permissions and the file has all the permissions for Nagios user and as an Admin too.
I ran below command in Nagios server and got the error:
[nagios@eu2napu003 libexec]$ /usr/local/nagios/libexec/check_nrpe -H 10.147.209.97 -t 30 -c check_log3
UNKNOWN: No handler for that command
[nagios@eu2napu003 libexec]$
10.147.209.97 => IP of Windows server.
When I googled the above error,I did some changes in nsc.ini as per that, below is the link which I referred:
https://support.nagios.com/forum/viewto ... 16&t=33020
I am attaching the command definition and nsc.ini file once again, I am pretty sure that I have missed something in the config file or did some mistake in command definition, please check them once.
Also, I have copied the check_log3.exe plugin in below path so that it should be present in scripts path:
C:\Program Files\NSClient++\scripts
Thanks a lot for your support!!
I have tried changing the script as per your suggestion but getting the same error.
I have also checked the file permissions and the file has all the permissions for Nagios user and as an Admin too.
I ran below command in Nagios server and got the error:
[nagios@eu2napu003 libexec]$ /usr/local/nagios/libexec/check_nrpe -H 10.147.209.97 -t 30 -c check_log3
UNKNOWN: No handler for that command
[nagios@eu2napu003 libexec]$
10.147.209.97 => IP of Windows server.
When I googled the above error,I did some changes in nsc.ini as per that, below is the link which I referred:
https://support.nagios.com/forum/viewto ... 16&t=33020
I am attaching the command definition and nsc.ini file once again, I am pretty sure that I have missed something in the config file or did some mistake in command definition, please check them once.
Also, I have copied the check_log3.exe plugin in below path so that it should be present in scripts path:
C:\Program Files\NSClient++\scripts
Thanks a lot for your support!!
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Logs Monitoring using Nagios
I was able to reproduce the issue with the "cannot read ..." message. It looks like the script doesn't like the single quotes. Try using double quotes around the file location.
The script definition should be under the [/settings/external scripts/scripts] section. I used:
[/settings/external scripts/scripts]
check_log3=perl scripts\\check_log3.pl -l "$ARG1$" -p "$ARG2$" -w $ARG3$ -c $ARG4$
and on the XI side I created a command and service check like so:
The script definition should be under the [/settings/external scripts/scripts] section. I used:
[/settings/external scripts/scripts]
check_log3=perl scripts\\check_log3.pl -l "$ARG1$" -p "$ARG2$" -w $ARG3$ -c $ARG4$
and on the XI side I created a command and service check like so:
You do not have the required permissions to view the files attached to this post.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Logs Monitoring using Nagios
Hello,
I have made the changes as per your suggestion and now we are getting the below error:
"UNKNOWN: No handler for that command"
I am again attaching the updated nsc.ini file here.
Also, PFA the commands section and the service definition.
After doing the changes I have restarted the NSC++ service and got this new error. I have also put double quotes around the file location.
I have made the changes as per your suggestion and now we are getting the below error:
"UNKNOWN: No handler for that command"
I am again attaching the updated nsc.ini file here.
Also, PFA the commands section and the service definition.
After doing the changes I have restarted the NSC++ service and got this new error. I have also put double quotes around the file location.
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Logs Monitoring using Nagios
Take a look at this link for some examples on how to check log files on a Windows system.
https://support.nagios.com/kb/article/l ... s-787.html
Especially under this section.
But, you will have to upgrade NSClient++ on the Windows Server and I suggest using the latest 0.4.4.xx version from this link.
http://nsclient.org/download/0.4.4/
Use this to install it
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
And this
https://assets.nagios.com/downloads/nag ... _0.4.x.pdf
After the NSClient++ is installed, you can use the example from the first link to create a check for the log file.
https://support.nagios.com/kb/article/l ... s-787.html
Especially under this section.
This is a built in command so it is much easier to get working.NSClient++ via check_nrpe > Log Files
But, you will have to upgrade NSClient++ on the Windows Server and I suggest using the latest 0.4.4.xx version from this link.
http://nsclient.org/download/0.4.4/
Use this to install it
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
And this
https://assets.nagios.com/downloads/nag ... _0.4.x.pdf
After the NSClient++ is installed, you can use the example from the first link to create a check for the log file.
Be sure to check out our Knowledgebase for helpful articles and solutions!