Detecting a string in a file

[ssax]

Try that and see if it works for you:

Code: Select all

./check_nrpe -H 10.147.108.41 -c check_log3 -a "D:\sea77\SWEApp\LOG\base.txt" "HOTFIX -w 10 -c 50" 

Let us know the results.

[RIDS_I2MP]

Hi Team,

Thanks I am able to apply thresholds are receiving expected results.

I am having some more task with this, files are generating after specific interval in the folder and I need to check the string in the recent file generated, kindly let me know which logic can I use so that Nagios checks for the string in the recent file generated.

Below mentioned is the format of name of the files generated where "ss" is constant and "YYMMDD" defines year, month and date and '%' is any random number:
ssYYMMDD_%%%%%.log

Kindly suggest.

[ssax]

To monitor files with a dynamic component in the filename, such as rotated or time stamped fike names, use -l to specify only the fixed part of the path and filename, and the -m option to specify the variable part, using a glob expression (see "man 7 glob"). If this combination pattern of -l and -m matches more than one file, you can use the -t option to further narrow down the selection to the most recently modified file, the first match (sorted alphabetically) or the last match (this is the default). You can also use macro's similar to the Unix date(1) format string syntax, and you can use the --timestamp option to tell the script to look for files with timestamps in the past (the default is the current date).

When using -m, do not specify a seek file; it will be ignored unless it is /dev/null or a directory. Also note that glob patterns are not the same as regular expressions (please let me know if you want support for that).

If the -l option points to a directory, -m '*' is assumed.

Taken from the plugin page:

https://exchange.nagios.org/directory/P ... pl/details

[RIDS_I2MP]

Hi Team,

We have checked the above suggestions but we are receiving errors as mentioned below:
1) '-l' option is specified as invalid.
2) what special character should we use to specify any random number in the file name.
3) We are not able to specify the extension of the file, if we don't use ".log" then it works otherwise it throws error

Refer the screenshot attached.

[ssax]

If the -l character isn't supported, please download the latest version of the plugin here:

https://sourceforge.net/projects/pma-os ... s-plugins/

How do you have it defined in your nsclient.ini? Here's mine:

Code: Select all

check_log3 = scripts\\check_log3.exe $ARG1$

Then run the command like this:

Code: Select all

./check_nrpe -H 192.168.5.232 -c check_log3 -a '-l d:\testfolder\ss -m %y%m%d_*.txt -p TEST'

[RIDS_I2MP]

Hi Team,

Our requirement is to check the log file every 5mins to detect the string, and the file gets modified any time in the day. So this check is not working as expected because this check detects the string only for the first check after the file is modified.

Kindly let us know some other option which can detect the string on every check whether the file is modified or not.

Kindly suggest.

[ssax]

Kindly let us know some other option which can detect the string on every check whether the file is modified or not.

Can you expand on what you mean? The check works on mine from the very first time I run it against the new file.

[RIDS_I2MP]

Hi Team,

I have made required changes now its not returning me any error message but it is not providing me required output.

The results are cached, so if this is not a "new" entry, the check will not show any results. What happens if you add a few new lines to the "base.txt" file, containing "HOTFIX", and rerun the check? Does it find the new strings?

As per above discussion, the string is detected only on 1st check after any new entry is made in the file and it will not detect the string for further checks until and unless a new entry is made in the file.

But my requirement is to detect the string on every check even if any new entry is made or not in the file.

[tgriep]

The check_log3 plugin does have an option to always search through the logfile.

-s, --seekfile=<seekfile|base_dir>
The temporary file to store the seek position of the last scan. If not
specified, it will be automatically generated in C:\Users\username\AppData\Local\Temp, based on the
log file's base name. If this is a directory, the seek file will be auto-
generated there instead of in C:\Users\username\AppData\Local\Temp.
If you specify the system's null device (nul), the entire log file
will be read every time.

The example below you would add to the command for this function to work.

Code: Select all

-s NUL

Is this what you are looking for?

[RIDS_I2MP]

Hi Team,

I have downloaded the .exe file from below provided link, still I '-l ' option is not working:

If the -l character isn't supported, please download the latest version of the plugin here:

https://sourceforge.net/projects/pma-os ... s-plugins/

"check_log3.exe version 3.11d"

Above specified is the version of new download, is it the new version in which '-l ' option works?