NagiosLog alarms if value is less than threshold
Posted: Thu Apr 14, 2016 11:53 am
Hello,
We are currently using NagiosLogServer (v1.4) and NagiosXI (2014R2.7) together, it's a great package, NagiosLog is parsing Apache logs (and a large number of application logs), we are getting alarms from NagiosXI if we get more than a certain number of events per time period.
I need to create a monitor where I would get a warning event if we have fewer than 500 requests every 2 minutes, and critical if less than 50 every 2 minutes. Looking through the comments on this forum I was not able to come up with an answer, your assistance would be appreciated.
Sample check that works for values over what is expected, how to adjust for values less than expected?
Thanks,
Alex
We are currently using NagiosLogServer (v1.4) and NagiosXI (2014R2.7) together, it's a great package, NagiosLog is parsing Apache logs (and a large number of application logs), we are getting alarms from NagiosXI if we get more than a certain number of events per time period.
I need to create a monitor where I would get a warning event if we have fewer than 500 requests every 2 minutes, and critical if less than 50 every 2 minutes. Looking through the comments on this forum I was not able to come up with an answer, your assistance would be appreciated.
Sample check that works for values over what is expected, how to adjust for values less than expected?
Code: Select all
check_xi_service_nagioslogserver!--url='http://10.0.0.0/nagioslogserver/' --apikey='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' --minutes='2' --warn='1500' --crit='3000' --query='{"query":{"filtered":{"query":{"bool":{"should":[{"query_string":{"query":"*"}}]}},"filter":{"bool":{"must":[{"range":{"@timestamp":{"from":1455722741485,"to":1455723041485}}},{"fquery":{"query":{"query_string":{"query":"*apache_access*"}},"_cache":true}}],"must_not":[{"fquery":{"query":{"query_string":{"query":"*XXXXXXXX*"}},"_cache":true}}]}}}}}'!!!!!!!Alex