Nagios Support Forum

Here is the result of applying the command 3 times:

[nagios@nms libexec]$ ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --noprotocol --criticalthreshold=1 --type=virtual"
OK - no errors or warnings|default_lines=27979 default_warnings=0 default_criticals=0 default_unknowns=0

[nagios@nms libexec]$ ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --noprotocol --criticalthreshold=1 --type=virtual"
OK - no errors or warnings|default_lines=28033 default_warnings=0 default_criticals=0 default_unknowns=0

[nagios@nms libexec]$ ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --noprotocol --criticalthreshold=1 --type=virtual"
OK - no errors or warnings|default_lines=28053 default_warnings=0 default_criticals=0 default_unknowns=0

[nagios@nms libexec]$




It is working fine, what we want is to set the reading log file from the offset, the file we monitor is related to the date ( `date +%Y%m%d`-Actions.log) , when error occurred the error messages received during all the day until new logfile created by means that the reading is always start from the begging not from the offset.

Ok, from what you posted it doesn't look like your seekfiles are being created in /var/tmp/check_logfiles directory (because it doesn't exist).

Did you compile the check_logfiles plugin with --with-seekfiles-dir option? If so, what did you set it as? (The default is /var/tmp/check_logfiles).

Try to find it on your system and let us know the output, then run the commands that I sent in my previous post on that directory:

[nagios@nms libexec]$ ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --with-seekfiles-dir --noprotocol --criticalthreshold=1 --type=virtual"
Unknown option: with-seekfiles-dir
This Nagios Plugin comes with absolutely NO WARRANTY. You may use
it on your own risk!
Copyright by ConSol Software GmbH, Gerhard Lausser.

This plugin looks for patterns in logfiles, even in those who were rotated
since the last run of this plugin.

You can find the complete documentation at
http://labs.consol.de/nagios/check_logfiles/

Usage: check_logfiles [-t timeout] -f <configfile>

The configfile looks like this:

$seekfilesdir = '/opt/nagios/var/tmp';
# where the state information will be saved.

$protocolsdir = '/opt/nagios/var/tmp';
# where protocols with found patterns will be stored.

$scriptpath = '/opt/nagios/var/tmp';
# where scripts will be searched for.

$MACROS = { CL_DISK01 => "/dev/dsk/c0d1", CL_DISK02 => "/dev/dsk/c0d2" };

@searches = (
{
tag => 'temperature',
logfile => '/var/adm/syslog/syslog.log',
rotation => 'bmwhpux',
criticalpatterns => ['OVERTEMP_EMERG', 'Power supply failed'],
warningpatte
You have new mail in /var/spool/mail/root
[nagios@nms libexec]$

Try running the command below with savestate enabled, that should store the position of the last check.

This option forces the creation of a seekfile for searches of type virtual

[root@nms libexec]# ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --savestate --noprotocol --criticalthreshold=1 --type=virtual"
Unknown option: savestate
This Nagios Plugin comes with absolutely NO WARRANTY. You may use
it on your own risk!
Copyright by ConSol Software GmbH, Gerhard Lausser.

This plugin looks for patterns in logfiles, even in those who were rotated
since the last run of this plugin.

You can find the complete documentation at
http://labs.consol.de/nagios/check_logfiles/

Usage: check_logfiles [-t timeout] -f <configfile>

The configfile looks like this:

$seekfilesdir = '/opt/nagios/var/tmp';
# where the state information will be saved.

$protocolsdir = '/opt/nagios/var/tmp';
# where protocols with found patterns will be stored.

$scriptpath = '/opt/nagios/var/tmp';
# where scripts will be searched for.

$MACROS = { CL_DISK01 => "/dev/dsk/c0d1", CL_DISK02 => "/dev/dsk/c0d2" };

@searches = (
{
tag => 'temperature',
logfile => '/var/adm/syslog/syslog.log',
rotation => 'bmwhpux',
criticalpatterns => ['OVERTEMP_EMERG', 'Power supply failed'],
warningpatterns => ['
[root@nms libexec]#

By default it will use the seekfile so you don't have to use savestate, the problem is with the seekfile directory and files:
Then run this command on those directories:
Mine were at /var/tmp/check_logfiles and /tmp/check_logfiles, yours must be different.

[nagios@nms libexec]$ chown -R nagios.nagios /usr/local/nagios/var/check_logfiles
[nagios@nms libexec]$ chown -R nagios.nagios /usr/local/nagios/libexec/check_logfiles
[nagios@nms libexec]$ ./check_nrpe -H Charging-OP -c check_logfiles -a "--logfile=D:\\TopupServiceLogs\\`date +%Y%m%d`-Actions.log --rotation=\d{2}\d{2}\d{2}-Actions.log --criticalpattern=ERROR --noprotocol --criticalthreshold=1 --type=virtual"
OK - no errors or warnings|default_lines=53692 default_warnings=0 default_criticals=0 default_unknowns=0



[nagios@nms libexec]$ ls /var/tmp/check_logfiles
ls: cannot access /var/tmp/check_logfiles: No such file or directory
[nagios@nms libexec]$ ls /tmp/check_logfiles
ls: cannot access /tmp/check_logfiles: No such file or directory

Can you run this and post the results.

[nagios@nms root]$ ls -l /opt/nagios/var/tmp
ls: cannot access /opt/nagios/var/tmp: No such file or directory
[nagios@nms root]$

Since you are running the script through NRPE, the script and the seek files will be stored on the remote host. It looks like this is a Windows server, is it?