Page 1 of 1
Alerting for devices that are not sending logs
Posted: Thu Mar 23, 2017 12:02 pm
by sweath
Does Nagios Log Server have any built in scripts that will let you know if you have haven't received a log from a log source that has previously been sent? For instance, a server has been sending logs to NLS for 10 days, and on day 11 NLS quits receiving logs from the server, is there any way to be alerted on this, outside of a custom script?
Re: Alerting for devices that are not sending logs
Posted: Thu Mar 23, 2017 1:29 pm
by mcapra
If you have a relatively small amount of hosts, you could configure an Alert using a query on each host with thresholds that say "warn less than 2, critical less than 1". It might look something like this:
2017_03_23_13_29_14_Alerting_Nagios_Log_Server.png
With the : after the threshold indicating "less than". We are doing some richer summaries of log sources for NLS 2.0, but that's still a few months out.