Page 1 of 1
CheckEventLog notifications
Posted: Tue Jul 12, 2011 5:53 am
by jonathan.ward
Hi,
I have a generic CheckEventLog query for the system and application logs, which has taken some time to get working due to this being completely new to me!
My problem is that I have got all my errors in either log going into my Nagios console, however only 1 is being reported by email. I believe this is because the state is remaining critical and the nagios service only reports state changes by default. How can I get it to email every new event in the logs?
in other words I have servers with lots of regular errors and want them all being sent to my inbox (for the time being!)
Can anyone point me in the right direction
Many Thanks
J
Re: CheckEventLog notifications
Posted: Wed Jul 13, 2011 9:35 am
by mguthrie
In Nagios, notifications and events are based on the state changes. You could set the "notification_interval" to be the same as your check_interval. That way it will continue to notify you when the state is critical. However, this doesn't guarantee unique alerts for bad log entries. For this you'd probably have to hard code into the check to email you every time it found something in a non-OK state. Here's more detail on notifications:
http://nagios.sourceforge.net/docs/3_0/ ... tions.html
Re: CheckEventLog notifications
Posted: Thu Jul 14, 2011 9:36 am
by jonathan.ward
Thanks for the response
It's kida what I expected, rather disappointing too!
Does anyone recommend any better ways of monitoring Windows logs with Nagios?
Re: CheckEventLog notifications
Posted: Thu Jul 14, 2011 9:41 am
by jonathan.ward
mguthrie wrote:In Nagios, notifications and events are based on the state changes. You could set the "notification_interval" to be the same as your check_interval. That way it will continue to notify you when the state is critical. However, this doesn't guarantee unique alerts for bad log entries. For this you'd probably have to hard code into the check to email you every time it found something in a non-OK state. Here's more detail on notifications:
http://nagios.sourceforge.net/docs/3_0/ ... tions.html
How can I hardcode this into the check? any tips around?
thank in advance
Re: CheckEventLog notifications
Posted: Thu Jul 14, 2011 10:00 am
by mguthrie
First, take a look at the NagEventLog on exchange.nagios.org, and it might be worth browsing what else is on exchange for this, because someone may have already written what you need.
Second, a quick and dirty way to have the output emailed to you every time it's ok a non-OK state would be to simply add the contents of the "notify-service-by-email" event handler into your check script, and replace the macros with the variables from the script.
Re: CheckEventLog notifications
Posted: Fri Jul 15, 2011 2:59 am
by jonathan.ward
Thanks for that I will give it all a try
