Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

sending nagios logs to rsyslog

https://support.nagios.com/forum/viewtopic.php?t=28493

Page 1 of 1

sending nagios logs to rsyslog

Posted: Thu Jul 31, 2014 5:27 am
by mns
Hi,

I am a newbie to installing and setting up nagios and I am trying to set up Nagios 4.0.7 to send warnings and critical messages to /var/log/messages (RHEL6.5). When I use user.info in /etc/rsyslogd.conf I get thousands of messages.

1. Are there any another rsyslog facilities that I can use besides user.info?

2. Is there a way that I can set it to log everything to the nagios log file but only the first HARD WARNINGS AND CRITICALS, the first OK AFTER HARD WARNINGS AND CRITICALS to /var/log/messages?

3. Is there a way to have each host group it's own thesholds for the checks rather than having to go individually to each server config file?

Cheers

MNS

Re: sending nagios logs to rsyslog

Posted: Thu Jul 31, 2014 9:23 am
by eloyd
mns wrote:Hi,
Hi.
1. Are there any another rsyslog facilities that I can use besides user.info?
Yes, but that is a topic for http://linux.die.net/man/8/rsyslogd.
2. Is there a way that I can set it to log everything to the nagios log file but only the first HARD WARNINGS AND CRITICALS, the first OK AFTER HARD WARNINGS AND CRITICALS to /var/log/messages?
Not that I know of. Nagios wants to log to one place. And it wants to log everything to that place. You could, however, put an event handler on the service/host checks that, when a HARD WARNING or HARD CRITICAL occurs, the event handler adds something to your /var/log/messages file. That's what I'd do.
3. Is there a way to have each host group it's own thesholds for the checks rather than having to go individually to each server config file?
Assign your hosts to hostgroups. Assign your services to servicegroups. Assign servicegroups to hostgroups. Use templates for service definitions, and then you can simply things greatly. Look at http://nagios.sourceforge.net/docs/3_0/ ... tance.html for more information.

Re: sending nagios logs to rsyslog

Posted: Fri Aug 01, 2014 3:02 am
by mns
Thanks Eloyd.

That was very helpful. I will look at your suggestion of using the event handler, that sounds perfect.

What I was trying to do with rsyslog would not work because it would still send all of the messages, only to a different facility.

I will also take a look at servicegroups and hostgroups once I get it working generally.

Thanks again.

Re: sending nagios logs to rsyslog

Posted: Fri Aug 01, 2014 9:05 am
by eloyd
A quick pseudo-code event handler to do what you want:

Code: Select all

<start>
  is STATE=OK or STATE=CRITICAL?
    if yes, then is ATTEMPT=1?
      If yes, then log something to /var/log/messages
<end>

Re: sending nagios logs to rsyslog

Posted: Fri Aug 08, 2014 11:30 am
by mmiltchev
Thanks for your post eloyd. Did you have any more questions mns?
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited