Hi,
We have instrumented the log monitoring for one of the server however whenever it goes to critical mode it is showing the old lines in status information (capturing the old lines in the logs).
We are using the 'check_log3.pl' script for log monitoring.
Please find attached state history report for the log monitoring.
Could you please help to resolve this issue.
Thanks & Regards,
Avinash
log monitoring - Capt
log monitoring - Capt
You do not have the required permissions to view the files attached to this post.
Re: log monitoring - Capt
Can you show us the actual check run from the command line along with the output of it?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: log monitoring - Capt
Hi lmiltchev,
Please find below the actual command run and output.
/usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H 172.26.47.177 -l batman -C "/home/batman/nagios/check_log3.pl -l '/usr/iptbatch/ItemIntegrationMQBatch/log/ItemIntegrationMQ.log' -p 'Exception' -c 1"
OK: Found 0 lines (limit=1/1): No matches found.|lines=0
Regards,
Avinash
Please find below the actual command run and output.
/usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H 172.26.47.177 -l batman -C "/home/batman/nagios/check_log3.pl -l '/usr/iptbatch/ItemIntegrationMQBatch/log/ItemIntegrationMQ.log' -p 'Exception' -c 1"
OK: Found 0 lines (limit=1/1): No matches found.|lines=0
Regards,
Avinash
Re: log monitoring - Capt
I was not able to recreate the issue in house. When I added new lines, and reran the plugin, the status changed to critical, but the output was showing only the newly added lines. The "old" lines were not included.
test.log (on the remote system)
In XI
(3 new lines)
(no new lines)
Adding 1 new line to the test.log on the remote machine.
In XI
State History report
Can you try something similar, just for the sake of troubleshooting this issue?
It would help if you showed us the actual log that you are monitoring, and the service definition, along with all relevant commands, and templates.
test.log (on the remote system)
Code: Select all
test
test
test(3 new lines)
Code: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
CRITICAL: Found 3 lines (limit=1/1): test|lines=3Code: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
OK: Found 0 lines (limit=1/1): No matches found.|lines=0Code: Select all
test
test
test
testCode: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
CRITICAL: Found 1 lines (limit=1/1): test|lines=1It would help if you showed us the actual log that you are monitoring, and the service definition, along with all relevant commands, and templates.
You do not have the required permissions to view the files attached to this post.
Be sure to check out our Knowledgebase for helpful articles and solutions!