Hello,
I want to monitor particular event id in Nagios. When I am running below command on Nagios system every time getting message “Eventlog check ok|'eventlog'=0;1;1;”. If I put the wrong event id/any word/any number (e.g. 1567, xyz, 345wer) still showing same message. What is wrong with the below command?
./check_nrpe -H IP_ Address -c CheckEventLog -a filter=new file=application MaxWarn=1 MaxCrit=1 filter=in filter-generated=\>1d filter+eventID==1111
Thanks,
Imran Khan.
Monitoring event id in Nagios ystem.
Re: Monitoring event id in Nagios ystem.
Are there events with this ID in your logs? I ask because it will only alert when the ID is present, otherwise, it returns ok as it has not found the event.
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
Yes, Event ID is present in system logs.
Thanks,
Imran Khan.
Yes, Event ID is present in system logs.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
Can you remove the filter from the command, and try with just the event?
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
I have resolved this issue. I want to set the service check time is 5 minutes and if critical alert/error keeps 10 minutes then send the email. How can I achieve this?
Thanks,
Imran Khan.
I have resolved this issue. I want to set the service check time is 5 minutes and if critical alert/error keeps 10 minutes then send the email. How can I achieve this?
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
You could use a "first notification delay" of 10 minutes on the service check. Add the following to the service check definition:
Code: Select all
first_notification_delay 10Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
Thanks for the reply.
I want to check service every 5 minute and if critical alert keeps/present 10 minutes in Nagios system then automatically send the alert mail. How can I achieve this?
Also Is there any way to count event log alert. Means if critical event generate in server 10 times then it shows the same count in Nagios system.
Thanks,
Imran Khan.
Thanks for the reply.
I want to check service every 5 minute and if critical alert keeps/present 10 minutes in Nagios system then automatically send the alert mail. How can I achieve this?
Also Is there any way to count event log alert. Means if critical event generate in server 10 times then it shows the same count in Nagios system.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
This directive will delay any notifications from going out once an object reaches HARD Critical for 10 minutes. As far as I can tell, this is exactly what you want.abrist wrote:You could use a "first notification delay" of 10 minutes on the service check. Add the following to the service check definition:Code: Select all
first_notification_delay 10
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
Is there any way to count event log alert. Means if critical event generate in server 10 times then it shows the same count in Nagios system.
Thanks,
Imran Khan.
Is there any way to count event log alert. Means if critical event generate in server 10 times then it shows the same count in Nagios system.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
I believe this is how the current eventlog checker in NSClient in implemented as the check is against the number of matching event log records:
http://www.nsclient.org/nscp/wiki/Check ... k_eventlog
http://www.nsclient.org/nscp/wiki/Check ... k_eventlog
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.