check_log not returning to RECOVERY/Normal state

[and1100]

Hi,

It seems my check_log will not 'RECOVER' after sending out the alert for the log query after a match of the string is found. Please see below:

Code: Select all

define service {
        use                     generic-service
        host_name               ahostname
        service_description     LOGIN FAILURE
        check_command           check_nrpe!check_ftplog
        max_check_attempts      1
        is_volatile                       1
        }

Code: Select all

command[check_ftplog]=/usr/local/nagios/libexec/check_log -F /var/log/vsftpd.log -O /tmp/tmplog.log -q incorrect

Subsequent emails at 10min intervals:

***** Nagios *****

Notification Type: PROBLEM

Service: LOGIN FAILURE
Host: ahostnamehere
Address: x.x.x.x
State: CRITICAL

Date/Time: Mon Jul 21 14:06:38 EDT 2014

Additional Info:

(1) Mon Jul 21 13:55:28 2014 [pid 12965] [username] FTP response: Client 127.0.0.1, 530 Login incorrect.

No recovery has been sent or appears to be sending. Is there an option I am not setting specifically for this? Thank you.

[and1100]

I think this is boiling down to a permission issue on the tmp file... investigating now.

[and1100]

Sorry for the post -- it looks like it was a permission issue with the tmp file. For the record, I had to change the ownership of the tmp file to nagios.nagios.

My apologies! Thank you.

[tmcdonald]

Not a problem, glad it got resolved (sorry we didn't get to you sooner - Mondays are always hectic)!