Hello,
a customer we're working for needs to monitor Microsoft SQL Server Logs for specific events, range of errors and keywords.
As this is not a Windows log, it cannot be parsed with the log-specific plugin. Nor it is a simple text log.
Moreover a simple query would not keep track of already sent notification, so that will send the same event until the log rotate
Is there a way to do a smart parsing of the SQL Server logs?
Thanks and best regards
Juri
MSSQL Server Log Monitoring
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: MSSQL Server Log Monitoring
Hi Juri,
Are the logs available in the Windows Event Logs or directly from a query? Those are the two other methods in XI that may work (besides a log-specific plugin), and there are wizards in the XI to help set up these types of checks. Please let me know.
Beyond that, we do have a dedicated product for log monitoring called Nagios Log Server, that would have more robust features for parsing the logs themselves.
https://www.nagios.com/products/nagios-log-server/
Benjamin
Are the logs available in the Windows Event Logs or directly from a query? Those are the two other methods in XI that may work (besides a log-specific plugin), and there are wizards in the XI to help set up these types of checks. Please let me know.
Beyond that, we do have a dedicated product for log monitoring called Nagios Log Server, that would have more robust features for parsing the logs themselves.
https://www.nagios.com/products/nagios-log-server/
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: MSSQL Server Log Monitoring
Hi Benjamin,
thanks for your reply!
Unfortunately SQL server logs are not available under Windows Event Log.
They can only be accessed by a specific application o by a sql query.
I've checked the XI sql query wizard, but as far as i can see it can only compare the query result with the values you're expecting.
SQL logs look lithe this: We need to look for and notify, as example, all error 17345, 908 and 1492, and anyway everything with a severity of 16 or upper.
Can the XI sql query do this?
Last but not least, the notification should no been sent twice for the same event:
If we have an error 17054 at 15:03:28, and the check is performed every 5 minutes, that specific event should be notified only by the 15:05:00 check and not again by the following check at 15:10:00
Thanks for you support
Best regards
Juri
thanks for your reply!
Unfortunately SQL server logs are not available under Windows Event Log.
They can only be accessed by a specific application o by a sql query.
I've checked the XI sql query wizard, but as far as i can see it can only compare the query result with the values you're expecting.
SQL logs look lithe this: We need to look for and notify, as example, all error 17345, 908 and 1492, and anyway everything with a severity of 16 or upper.
Can the XI sql query do this?
Last but not least, the notification should no been sent twice for the same event:
If we have an error 17054 at 15:03:28, and the check is performed every 5 minutes, that specific event should be notified only by the 15:05:00 check and not again by the following check at 15:10:00
Thanks for you support
Best regards
Juri
You do not have the required permissions to view the files attached to this post.
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: MSSQL Server Log Monitoring
Locking thread as there is a duplicate ticket open