Nagios Support Forum

Can Nagios tell me if syslog traffic from a device suddenly goes silent?
I can monitor if the syslog service dies via snmp, but my concern is, what happens if someone alters a firewall setting that blocks the syslog traffic, or alters a device so it's syslog traffic is no longer being sent to the Nagios server?

I'd like to have emails sent off as soon as say 'x' time has passed with no syslog traffic being received from any of my monitored devices.

Thank-you. I apologize if this is rudimentary and every should know this. it's been a while since I worked with Nagios.

-= Bruce

Bruce,

You'll likely want to use check_log3 for this purpose: https://exchange.nagios.org/directory/P ... pl/details


One of the examples on that page could give you a head-start:

Return CRITICAL if not at least one MARK was written to the syslog since the last check:

check_log3.pl -l /var/log/messages -p MARK --negate -c 1

Thank you. That gets me going.
-= Bruce

Do you need any further assistance with this or am I good to close this thread out?

I am good to go. Please close the thread. And thank you again.

-= Bruce

Glad to hear your question is resolved. I'll go ahead and close this.