Nagios Support Forum

I'm searching for script that can tail and the check the log for certain words(like a filter).

I saw alot of check log files script but they will check the whole log. I only need to check the last entry in the log file.
This needs to be for a linux machine and also need to work with nrpe for remote check.

Hi ruffsense,

This plugin is good:

http://exchange.nagios.org/directory/Pl ... pl/details

It stores the location of the last search, so continues on from there (i.e. won't keep searching the whole log file).

Good luck!

Kind Regards,

Gary Shergill

One this to note with this plugin, if you test it as root from the command line before deploying to nagios, make sure the nagios user has permissions to read/write the seek file.

Not working for me...

Plug-in error: time out after 15 seconds

Can you show us the format of the command you were running, as if running it from the command line? Were you running the plugin locally, or to a remote system?..

slansing wrote:Can you show us the format of the command you were running, as if running it from the command line? Were you running the plugin locally, or to a remote system?..

check_log3.pl -l /var/log/audit.log -s /tmp/audit.seek -p 'errors' -w 0 -c 1

How big is the log?

abrist wrote:How big is the log?

46870862387 May 24 11:50 rtfenqueue.log

It is really big.

You should run the script locally from the remote host's cli. Time it. You will need to make sure the timeout on the check is a bit longer than the average length of time it takes for the script to run. Or run the script passively and then report the result back to the Nagios server.