Page 1 of 2
Nagios Log monitoring ...
Posted: Thu Jan 28, 2016 10:00 pm
by rmank
Hello ,
We are trying to setup a monitoring of few log files against FS error on via NRPE /NAgios XI
Enviroment ..Nagios XI with RHEL host
Need :Need to produce alerts when if there are some specific strings indentified in log file
I could see only check_log plugin in libexec directory .So your help will be highly appreciated in the context
-->Is there a new plugin needed for that (if yes where can i ?)
-->else how can i test it with nrpe and some some commands
thanks alot ..
Re: Nagios Log monitoring ...
Posted: Fri Jan 29, 2016 11:32 am
by rkennedy
The check_log plugin should work for you. You'll need to define a command in your NRPE configuration that utilizes the check_log file.
As an example, this would check for the word xinetd in your syslog.
Code: Select all
command[check_syslog]=sudo /usr/lib/nagios/plugins/check_log -F /var/log/messages -O /tmp/templog.log -q xinetd
Re: Nagios Log monitoring ...
Posted: Mon Feb 01, 2016 4:16 am
by rmank
Thanks for the details .Can you do this for Windows also ?
Also is there a way to get the eventviewer log size settings for windows using CLI via nrpe /nsc ?
Re: Nagios Log monitoring ...
Posted: Mon Feb 01, 2016 11:28 am
by hsmith
Check this guide out for monitoring Windows Logs with NSClient:
https://outsideit.net/real-time-eventlog-monitoring/
rmank wrote:Also is there a way to get the eventviewer log size settings for windows using CLI via nrpe /nsc ?
I'm not entirely sure what you're looking for, can you provide a little more detail?
Re: Nagios Log monitoring ...
Posted: Tue Feb 02, 2016 11:02 am
by rmank
thanks a lot 'hsmith'
when I say details about event viewer ,I am looking like the assigned size for event viwer and used + if the log rotation automatic override parameter is enabled ?
Re: Nagios Log monitoring ...
Posted: Tue Feb 02, 2016 3:45 pm
by hsmith
rmank wrote:I am looking like the assigned size for event viwer
Could you please elaborate on this a bit more?
rmank wrote:+ if the log rotation automatic override parameter is enabled ?
Are we still talking about the Windows event log? The link that I provided is for Windows event logs.
Re: Nagios Log monitoring ...
Posted: Wed Feb 03, 2016 4:27 am
by rmank
I am looking for a way to check the log size now and if that is exceeded than maximum log size ? and does the overwrite events option is enabled ?
Re: Nagios Log monitoring ...
Posted: Wed Feb 03, 2016 2:46 pm
by rkennedy
Can you clarify what exactly you would like to do when it reaches that max log size?
Re: Nagios Log monitoring ...
Posted: Thu Feb 04, 2016 3:18 am
by rmank
It should trigger an alert ...
Re: Nagios Log monitoring ...
Posted: Thu Feb 04, 2016 2:32 pm
by rkennedy
You will need to create a new check for that then, the options there are not for alerts, but rather what to do when the log file fills up. I would change that to 'Do not overwrite events' and setup a new check over NRPE using this plugin -
https://exchange.nagios.org/directory/P ... ck/details