Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

CHeck_Logfiles Critical Threshold not working

https://support.nagios.com/forum/viewtopic.php?t=42345

Page 1 of 2

CHeck_Logfiles Critical Threshold not working

Posted: Tue Feb 07, 2017 9:41 pm
by EchoKev
Hello All,

I have been trying to get the criticalthreshold option working in the check_logfiles (https://labs.consol.de/nagios/check_logfiles/) plugin to work in my setup without luck. What I am trying to do it only give a critical alert when there are 30 matches of the critical paterns on a check. Currently it alerts when there are any matches (one or more). If someone could point me at what I am configuring wrong I would really appreaciate it.

I have tried both: criticalthreshold => 30 and options => ' criticalthreshold=30'


Here is an example of my configuration file:

Code: Select all

$seekfilesdir = '/tmp/nagios';
# where the state information will be saved.

$protocolsdir = '/tmp/nagios';
# where protocols with found patterns will be stored.

$scriptpath = '/usr/local/nagios/libexec:/tmp/nagios';
# where scripts will be searched for.

@searches = (
  {
    tag => 'App_Log',
    logfile => '/var/log/app-log.log',
    criticalpatterns => ['ERROR','FATAL',],
    criticalthreshold => 30
  }
);
Thanks for any help!

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 10:25 am
by rkennedy
We're a bit limited on the Support we can provide as this is a third party plugin. Have you taken a look at the examples page to see if anything lines up? https://labs.consol.de/nagios/check_logfiles/examples/

One thing I'm noticing, is you don't have savethresholdcount defined, which I believe could affect it -

Code: Select all

[no]savethresholdcount 	Controls whether the hit counter will be saved between the runs. If yes, hit numbers are added until a threshold is reached (criticalthreshold). Otherwise the run begins with resetted counters. 	default: on

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 10:29 am
by EchoKev
Hi,

Thanks, for the reply. I did check out their examples, but unfortunately they don't have an example for that setting.

The option that you noticed is for keeping a count between checks, I only want to get an alert if there is that many alerts within each log check period.

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 11:03 am
by rkennedy
EchoKev wrote:Hi,

Thanks, for the reply. I did check out their examples, but unfortunately they don't have an example for that setting.

The option that you noticed is for keeping a count between checks, I only want to get an alert if there is that many alerts within each log check period.
I understand that part, the caveat here is that I believe the feature is turned 'on' by default, and will impact your checks - that's why I brought it up.

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 11:19 am
by EchoKev
Ah, that makes sense, but unfortunately still does not help, as currently it alerts critical on 1 error, not adding up to 30 per check or 30 in total.

Thanks again.

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 5:36 pm
by avandemore
Have you contacted the author of the plugin? Have you tried the verbose option from the command line to see what is happening?

Here is some information on creating your own plugin if that doesn't work for you:
https://nagios-plugins.org/doc/guidelines.html
https://mathias-kettner.de/checkmk_localchecks.html
http://www.yourownlinux.com/2014/06/how ... cript.html

Re: CHeck_Logfiles Critical Threshold not working

Posted: Wed Feb 08, 2017 5:38 pm
by mcapra
Judging by the docs, it looks like your configuration file has a parameter where it should instead have an option. Can you give this revision a try and see if it produces the desired results:

Code: Select all

$seekfilesdir = '/tmp/nagios';
# where the state information will be saved.

$protocolsdir = '/tmp/nagios';
# where protocols with found patterns will be stored.

$scriptpath = '/usr/local/nagios/libexec:/tmp/nagios';
# where scripts will be searched for.

@searches = (
  {
    tag => 'App_Log',
    logfile => '/var/log/app-log.log',
    criticalpatterns => ['ERROR','FATAL',],
    options => 'criticalthreshold=30'
  }
);

Re: CHeck_Logfiles Critical Threshold not working

Posted: Fri Feb 10, 2017 2:14 pm
by EchoKev
HI,

I have that now, but it seems to still alert when there is not 30 alerts in the log since the last check.

Re: CHeck_Logfiles Critical Threshold not working

Posted: Fri Feb 10, 2017 2:55 pm
by EchoKev
I am adding "nosavethresholdcount," to my options setting to see if that makes a difference. Will report back.

Thanks for the assistance.

Re: CHeck_Logfiles Critical Threshold not working

Posted: Fri Feb 10, 2017 3:10 pm
by mcapra
Certainly, let us know if that doesn't produce the desired behavior and we can troubleshoot further.
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited