Hello,
I have ran the below command and getting critical alert.
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MinWarn=1 MinCrit=2 filter-generated=\<30 filter+eventID=="4111" filter+eventType==all filter=all
eventlog: 0 < critical|'eventlog'=0;1;2;
Event id 4111 is not present in 30 minute. Please guide me.
Thanks,
Imran Khan.
Monitoring event id in Nagios ystem.
-
slansing
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: Monitoring event id in Nagios ystem.
Does using eventID 1111 return the same? Is this a valid ID?
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
I am using id:- 4111and it is valid.
Thanks,
Imran Khan.
I am using id:- 4111and it is valid.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
what is the full output of the command:
Code: Select all
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MinWarn=1 MinCrit=2 filter-generated=\<30 filter+eventID=="4111" filter+eventType==all filter=all
eventlog: 0 < critical|'eventlog'=0;1;2;Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
Out put of command is as below only.
eventlog: 0 < critical|'eventlog'=0;1;2;
Thanks,
Imran Khan.
Out put of command is as below only.
eventlog: 0 < critical|'eventlog'=0;1;2;
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
Try changing min to max:
Code: Select all
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\<30 filter+eventID=="4111" filter+eventType==all filter=allFormer Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
Tried but getting same output.
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>15d filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>60d filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>30m filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
Thanks,
Imran Khan.
Tried but getting same output.
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>15d filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>60d filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
./check_nrpe -H IP_Address -p 5666 -c CheckEventLog -a filter=new file=all MaxWarn=1 MaxCrit=2 filter-generated=\>30m filter+eventID=="4111" filter+eventType==all filter=all
Eventlog check ok|'eventlog'=0;1;2;
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
In what way? I though you said it was not present in the past 30 minutes. That would make the check 'ok' now instead of critical. Is that not the output you posted?imran_khan wrote:Tried but getting same output.
imran_khan wrote:Eventlog check ok|'eventlog'=0;1;2;
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
-
imran_khan
- Posts: 196
- Joined: Mon May 27, 2013 3:16 pm
Re: Monitoring event id in Nagios ystem.
Hello,
But this id is present in last one week, 1-month and 2-month, it should display critical alert if event id is present. correct?
I have mentioned my last post >15d, >60d and >30m but it display result OK for all the commands.
Thanks,
Imran Khan.
But this id is present in last one week, 1-month and 2-month, it should display critical alert if event id is present. correct?
I have mentioned my last post >15d, >60d and >30m but it display result OK for all the commands.
Thanks,
Imran Khan.
Re: Monitoring event id in Nagios ystem.
Well, color me confused.
Can you please explain when you want this check to alert and what thresholds you want to set.
imran_khan wrote: Event id 4111 is not present in 30 minute. Please guide me.
Which is it?imran_khan wrote:But this id is present in last one week, 1-month and 2-month, it should display critical alert if event id is present. correct?
I have mentioned my last post >15d, >60d and >30m but it display result OK for all the commands.
Can you please explain when you want this check to alert and what thresholds you want to set.
Former Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.