check_log
Posted: Tue May 24, 2016 4:20 am
we need to check string in /var/log/secure e.g. Invalid and Failed etc.
i have added the below to /etc/sudoers.d/11-nagios
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_log
and then i add nrpe cfg in /usr/local/nagios/etc/nrpe/log.cfg
command[check_syslog]=sudo /usr/local/nagios/libexec/check_log -F /var/log/secure -O /tmp/invalid -q Invalid
i then restarted xinetd.
after that, when i check the log using nrpe, it gave the following
/usr/local/nagios/libexec/check_nrpe -H 192.168.88.2 -c check_syslog
(1) < May 24 09:10:01 nls sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_log -F /var/log/secure -O /tmp/invalid -q Invalid
The log will have some wording e.g. Failed, Invalid but seems it will not check and prompt.
please help to see what i am missing.
thanks
i have added the below to /etc/sudoers.d/11-nagios
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_log
and then i add nrpe cfg in /usr/local/nagios/etc/nrpe/log.cfg
command[check_syslog]=sudo /usr/local/nagios/libexec/check_log -F /var/log/secure -O /tmp/invalid -q Invalid
i then restarted xinetd.
after that, when i check the log using nrpe, it gave the following
/usr/local/nagios/libexec/check_nrpe -H 192.168.88.2 -c check_syslog
(1) < May 24 09:10:01 nls sudo: nagios : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/local/nagios/libexec/check_log -F /var/log/secure -O /tmp/invalid -q Invalid
The log will have some wording e.g. Failed, Invalid but seems it will not check and prompt.
please help to see what i am missing.
thanks