Log Server Monitoring
Posted: Tue May 12, 2015 1:42 pm
by gdolidze
Do you guys recommend any good log monitoring plugins (both Windows and Linux)?
Also,
I tried to set up Monitoring Windows Event Logs With NagEventLog and I followed the PDF, but when I generate a test event nothing happens. What am I doing wrong?
Re: Log Server Monitoring
Posted: Tue May 12, 2015 1:46 pm
by jolson
Hello,
For the purposes of log monitoring, I'm confident in recommending Nagios Log Server first and foremost - you should take a look at it if you haven't already. No plugin will beat the capability that Nagios Log Server offers.
With the above in mind, there are several plugins that can monitor logs remotely as well - I have had some success with check_log3. Let me know if that solution looks like it would work out for you.
You are free to browse our other solutions on the Nagios Exchange:
http://exchange.nagios.org/directory/Plugins/Log-Files
Let me know if you have any further questions - if you give us some more detail about what exactly you'd like to accomplish, perhaps we could point out a tool suited for that particular job. Thanks!
Re: Log Server Monitoring
Posted: Tue May 12, 2015 1:52 pm
by gdolidze
I am looking for a plugin that goes through a log file and checks for a specific word; for example, I want to search the messages file for errors. Basically a search pattern.
I tried to set up Monitoring Windows Event Logs With NagEventLog and I followed the PDF, but when I generate a test event nothing happens. What am I doing wrong?
Re: Log Server Monitoring
Posted: Tue May 12, 2015 2:19 pm
by jolson
> I am looking for a plugin that goes through a log file and checks for a specific word; for example, I want to search the messages file for errors. Basically a search pattern.
check_log3 will work perfectly in this case. Do you already have NSClient or similar installed on your Windows Servers? You can use NSClient to perform the check_log3 check actively. Let me know if this is something you'd like to do.
> I tried to set up Monitoring Windows Event Logs With NagEventLog and I followed the PDF, but when I generate a test event nothing happens. What am I doing wrong?
That is a difficult question to answer without having more information. What have you done already - and what is failing? Are there any error messages? Please give us some detail to start with, and we'll be happy to help you.
Re: Log Server Monitoring
Posted: Tue May 12, 2015 3:00 pm
by snapon_admin
We use this plugin:
http://exchange.nagios.org/directory/Pl ... es/details
We're only monitoring like 4 files for a specific string so we couldn't justify getting log server. If you're looking to monitor a lot of logs and want more functionality than just an alert when a string is found I would also recommend Nagios Log Server. We demoed it out for a bit, but I couldn't get people interested enough in it to send me their logs so it sort of fell through, but it worked well from what I saw.
Re: Log Server Monitoring
Posted: Tue May 12, 2015 3:23 pm
by jolson
Appreciate the recommendation.
gdolidze, report back with any questions/concerns you have. Thanks!
Re: Log Server Monitoring
Posted: Wed May 13, 2015 10:15 am
by gdolidze
So I have check_log3, but I am getting permission denied for /var/log/messages using this command line:
Unable to open '/var/log/messages': Permission denied
$USER1$/check_log3.pl -l var/log/messages -p '[Ee]rror' -n nrpe
What user needs permission for this plugin?
check_log3.pl -l /var/log/messages -p '[Ee]rror' -n nrpe
I have tried linking it to a different location, but there I get
Cannot read '/usr/local/nagios/logs/messages
I also tried giving others read permission, but that doesn't work either:
-rw-rw-r--. 1 root root 2957410 May 13 12:11 messages
Cannot read 'var/log/messages'
As the nagios user I can do cat /var/log/messages.
Re: Log Server Monitoring
Posted: Wed May 13, 2015 12:30 pm
by jolson
Our introduction webinars are perfect for this purpose:
https://www.youtube.com/watch?v=-_BNGBkBf5Y
The nagios user will be the one running the plugin, so the nagios user will need at least read access to /var/log/messages.
The safest way to do this is likely to add a line to /etc/sudoers with the explicit command you'd like the nagios user to run. For example:
Code:
nagios ALL = NOPASSWD:/usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1
Once added, the nagios user will need to use 'sudo' in front of the command:
Code:
[nagios@localhost ~]$ sudo /usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1
OK: Found 0 lines (limit=1/1): No matches found.|lines=0
You will have to edit your 'command' in the nagios GUI accordingly:
[Attached screenshot: Nagios XI - Nagios Core Config Manager]
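Added example, not part of the original post or of any Nagios code: because the sudoers line above lists the plugin's arguments, sudo skips the password only for that exact argument string, and a check defined with other arguments falls back to a password prompt that a non-interactive Nagios or NRPE process cannot answer. The script is a simplified model of that matching; the function names `cmnd_allows` and `verdict` are hypothetical, and the rule and command lines are the ones quoted in this thread.

```sh
#!/bin/sh
# Simplified model of sudoers(5) Cmnd matching (added example; it ignores
# aliases, Defaults, digests and the "" no-arguments form).
# When a rule lists arguments, the invocation's arguments are matched as one
# space-joined string against the rule's arguments, and *, ? and [...] in
# the rule act as wildcards.

# Rule text taken from the post above.
RULE='/usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1'
PLUGIN=/usr/local/nagios/libexec/check_log3.pl

# cmnd_allows "<Cmnd from sudoers>" <command> [args...]; returns 0 on match.
cmnd_allows() {
    ca_spec=$1; shift
    ca_path=$1; shift
    ca_args="$*"
    case $ca_spec in
        *" "*) ca_spec_path=${ca_spec%% *}; ca_spec_args=${ca_spec#* } ;;
        *)     ca_spec_path=$ca_spec;       ca_spec_args= ;;
    esac
    [ "$ca_path" = "$ca_spec_path" ] || return 1
    # A rule without arguments accepts any arguments.
    [ -n "$ca_spec_args" ] || return 0
    # Unquoted expansion: the rule's arguments act as a pattern.
    case $ca_args in
        $ca_spec_args) return 0 ;;
        *)             return 1 ;;
    esac
}

# verdict prints what a non-interactive caller (Nagios, NRPE) would run into.
verdict() {
    if cmnd_allows "$@"; then echo "NOPASSWD rule applies"
    else echo "no match: sudo wants a password"; fi
}

verdict "$RULE" "$PLUGIN" -l /var/log/messages -p someline -c 1
verdict "$RULE" "$PLUGIN" -l /var/log/messages -p '[Ee]rror' -n nrpe
# Pitfall: copying the search pattern into the rule unescaped makes [Ee] a
# wildcard, so the literal argument [Ee]rror still does not match.
verdict "$PLUGIN -l /var/log/messages -p [Ee]rror -n nrpe" \
        "$PLUGIN" -l /var/log/messages -p '[Ee]rror' -n nrpe
```

On a live host, running `sudo -n -l` followed by the full command line as the nagios user answers the same question against the real sudoers policy without prompting.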
Re: Log Server Monitoring
Posted: Wed May 13, 2015 12:45 pm
by gdolidze
I get this error: (No output on stdout) stderr: sudo: no tty present and no askpass program specified
Re: Log Server Monitoring
Posted: Wed May 13, 2015 12:51 pm
by jolson
If you log in as the nagios user, can you run the command on the box locally?
Code:
su - nagios
/usr/local/nagios/libexec/check_log3.pl -l /var/log/messages -p someline -c 1
If you can, that's a great start. Are you using NRPE for remote checks? If so, would you mind posting your NRPE configuration?
Code:
cat /usr/local/nagios/etc/nrpe.cfg