Nagios Support Forum

When I go to create an alert i have the options of Warnings [number of events] Critical [number of events].

My problem is I want a critical if one particular event is detected. How to I achieve this. Just leave warning blank and put a 1 in critical?

Really need help on this one. In Nagios Xi we have the same issue with processes where the wizard has a "More than" approach where if I put 1, it was ok as long as it was 1 or more, which made 0 an ok result. I figured that out in Nagios XI but can't seem to find any documentation on how that is handeled here.

If warning and critical are both set to the same number, it should prefer critical if the threshold is reached. This applies to both XI and NLS.

tmcdonald wrote:If warning and critical are both set to the same number, it should prefer critical if the threshold is reached. This applies to both XI and NLS.

That answers one part of the question.

What I am referring to with Nagios XI is this:

Monitoring a Windows Server using the Configuration Wizard, I get to the "Process Section" and I enter the name of a process then it asks me for Warning and Critical thresholds.

These are based on a "More Than" principle. so if I do Warning 1 Critical 1, the if the process is not running I still got an OK status for the service as 0 is NOT MORE than 1. I was able to get around this by readying the dev documentation. NLS is not based on core so just want to make sure this is not going to be an issue.

I wanted to make sure NLS did not suffer from the same thing.

I am going to test it to see. Can you look into this as well? Looking for more than 1 event will not cover most of my log monitoring alerting requirements.

These are based on a "More Than" principle. so if I do Warning 1 Critical 1, the if the process is not running I still got an OK status for the service as 0 is NOT MORE than 1. I was able to get around this by readying the dev documentation. NLS is not based on core so just want to make sure this is not going to be an issue.

Can I politely kill this by stating that this particular one is an nsclient bug not an overall thresholds bug. If you were to use check_procs(linux), you could do -w 1: and -c :1 to have a warning for less than 1 and critical for greater than 1. At least last I checked, nsclient was the last holdout on this particular issue. (sorry it's a sore point from plugins dev, not picking on your use)

Anyways, if it does not already, I would absolutely expect that we will fix thresholds with NLS to support the proper threshold syntax from XI's plugin side, and NLS side when sending passive results. On how to implement it now, I would suggest starting with the thresholds above and as defined by the plugins guidelines something like 1: which should alert on anything outside the range of infinity to 1, or 0: if you wanted to alert on more than 1 instance.

sreinhardt wrote:

These are based on a "More Than" principle. so if I do Warning 1 Critical 1, the if the process is not running I still got an OK status for the service as 0 is NOT MORE than 1. I was able to get around this by readying the dev documentation. NLS is not based on core so just want to make sure this is not going to be an issue.

Can I politely kill this by stating that this particular one is an nsclient bug not an overall thresholds bug. If you were to use check_procs(linux), you could do -w 1: and -c :1 to have a warning for less than 1 and critical for greater than 1. At least last I checked, nsclient was the last holdout on this particular issue. (sorry it's a sore point from plugins dev, not picking on your use)

Anyways, if it does not already, I would absolutely expect that we will fix thresholds with NLS to support the proper threshold syntax from XI's plugin side, and NLS side when sending passive results. On how to implement it now, I would suggest starting with the thresholds above and as defined by the plugins guidelines something like 1: which should alert on anything outside the range of infinity to 1, or 0: if you wanted to alert on more than 1 instance.

Actually I had this issue with the Config Wizard for NCPA not NSClient, so let me polietly kill that thought. I already know

you could do -w 1: and -c :1 to have a warning for less than 1 and critical for greater than 1

as I said in my previous post I had already figured that out. In XI I was referring to the way the configuration wizards set up the checks, not how to write a check by hand, which is what I have been doing when looking for single processes using check_ncpa. If you look at my posts in the XI forums, you will see I had a topic on the single process issue with the NCPA wizard and found the way to properly set it up in CCM after ready the pluging dev guide. You can do this with check_ncpa in CCM pretty easily using the method you mentioned.

My only question, which nevery really got answered, does NLS take that approach when setting up alarms using the GUI.

I have tested this just a few minutes ago and it's fine. It will alert as you stated by setting w1 c1.

So you can close this thread.

Actually I had this issue with the Config Wizard for NCPA not NSClient, so let me polietly kill that thought. I already know

Ah correct you are, I actually mis-read that thinking about some other bugs with nsclient. Anyway. I'll test it out with log server and let you know before closing, I would like to know that answer to this one.