Can Nagios tell me if syslog traffic from a device suddenly goes silent?
I can monitor if the syslog service dies via SNMP, but my concern is, what happens if someone alters a firewall setting that blocks the syslog traffic, or alters a device so its syslog traffic is no longer being sent to the Nagios server?
I'd like to have emails sent off as soon as say 'x' time has passed with no syslog traffic being received from any of my monitored devices.
Thank you. I apologize if this is rudimentary and everyone should know this. It's been a while since I worked with Nagios.
-= Bruce
How can I monitor if syslog traffic stops being received?
Re: How can I monitor if syslog traffic stops being received
Bruce,
You'll likely want to use check_log3 for this purpose: https://exchange.nagios.org/directory/P ... pl/details
One of the examples on that page could give you a head-start:
Return CRITICAL if not at least one MARK was written to the syslog since the last check:
check_log3.pl -l /var/log/messages -p MARK --negate -c 1
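The check_log3 command above alerts when no matching line at all arrived since the last check; the original question is about any single device going quiet. The following is an added example, not part of the original post and not check_log3 code: a per-device silence check that follows the Nagios plugin exit-code convention. It assumes the traditional "Mon DD HH:MM:SS host" line format, and the host names and log lines are constructed.

```python
import re
from datetime import datetime, timedelta

# Traditional syslog line: "Mar  4 10:15:02 fw01 sshd[123]: message"
LINE_RE = re.compile(r"^([A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) ")
# Constructed sample data; a real check reads the collector's log file instead.
NOW = datetime(2024, 3, 4, 10, 30, 0)
EXPECTED = ["fw01", "sw02", "rtr03"]
SAMPLE = [
    "Mar  4 09:55:12 sw02 LINK-3-UPDOWN: Interface Gi0/1, changed state to up",
    "Mar  4 10:28:41 fw01 kernel: DROP IN=eth0 SRC=192.0.2.10",
    "Mar  4 10:29:03 fw01 sshd[811]: Accepted publickey for admin",
]

def last_seen(lines, now):
    """Map each sending host to the timestamp of its newest log line."""
    seen = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a syslog header line
        try:
            # No year in this format: assume the current one, minus one if that is in the future.
            ts = datetime.strptime(f"{now.year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            if ts > now + timedelta(days=1):
                ts = ts.replace(year=now.year - 1)
        except ValueError:
            continue  # impossible date such as "Feb 30"
        seen[m.group(2)] = max(ts, seen.get(m.group(2), ts))
    return seen

def silent_hosts(lines, expected, now, max_age):
    """Return {host: age, or None if never seen} for hosts quiet longer than max_age."""
    seen = last_seen(lines, now)
    ages = {h: (now - seen[h] if h in seen else None) for h in expected}
    return {h: a for h, a in ages.items() if a is None or a > max_age}

def nagios_result(quiet):
    """Translate the result into a Nagios plugin (exit code, status line) pair."""
    if not quiet:
        return 0, "OK - all expected devices are logging"
    parts = [h + (" (never seen)" if a is None else f" (silent {int(a.total_seconds())}s)")
             for h, a in sorted(quiet.items())]
    return 2, "CRITICAL - no recent syslog from: " + ", ".join(parts)

if __name__ == "__main__":
    code, msg = nagios_result(silent_hosts(SAMPLE, EXPECTED, NOW, timedelta(minutes=10)))
    print(msg)
    raise SystemExit(code)
```

Listing the expected devices explicitly is what lets the check flag a host that has never logged, which a pattern match on the file alone cannot do.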
Re: How can I monitor if syslog traffic stops being received
Thank you. That gets me going.
-= Bruce
Re: How can I monitor if syslog traffic stops being received
Do you need any further assistance with this or am I good to close this thread out?
Former Nagios Employee
Re: How can I monitor if syslog traffic stops being received
I am good to go. Please close the thread. And thank you again.
-= Bruce
Re: How can I monitor if syslog traffic stops being received
Glad to hear your question is resolved. I'll go ahead and close this.
Former Nagios Employee.