New check configuration(string matching)

[ericssonvietnam]

Need to configure check for generation alert if the string matches in a file and file consist only one line can you suggest if i can do it through check_logfile or i have to use some other plugin i am already using check_logfile.

string is "A2P_CDR_Success count is 0 in last 5 mins" for which i need to generate alert.

[kyang]

Have you tried anything to match that string while using the plugin?

I don't have it installed, but looking at the help doc I see the command line params.

Code: Select all

--criticalpattern=<regexp> A regular expression which will trigger a critical error.
--warningpattern=<regexp> The same…a match results in a warning.
--criticalexception=<regexp> / –warningexception=<regexp> Exceptions which are not counted as errors.
--okpattern=<regexp> A pattern which resets the error counters.

If you throw in the string for the --criticalpattern=<regexp>, does something like that work for you?

[ericssonvietnam]

Have you tried anything to match that string while using the plugin?

I don't have it installed, but looking at the help doc I see the command line params.

Code: Select all

--criticalpattern=<regexp> A regular expression which will trigger a critical error.
--warningpattern=<regexp> The same…a match results in a warning.
--criticalexception=<regexp> / –warningexception=<regexp> Exceptions which are not counted as errors.
--okpattern=<regexp> A pattern which resets the error counters.

If you throw in the string for the --criticalpattern=<regexp>, does something like that work for you?

Below is the configuration file which i am using:

[nagios@HNSMS1X3 conf]$ cat A2P_CDR_Success.conf
$seekfilesdir = '/home/nagios/logfile_basedir/tmp';
$protocolsdir = '/home/nagios/logfile_basedir/tmp';
$scriptpath = '/home/nagios/bin';
#$MACROS = { CL_DISK01 => "/dev/dsk/c0d1", CL_DISK02 => "/dev/dsk/c0d2" };

@searches = (
{
tag => 'A2P Success CDR check',
criticalpatterns => [ 'A2P_CDR_Success count is 0 in last 5 mins' ] ,
options => 'sticky=1800,noprotocol,report=long,allyoucaneat',
logfile => '/smsx/logs/ACDR.log'
#rotation => 'SUSE',
}
);
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

[nagios@HNSMS1X3 bin]$ ./check_logfiles -f ../logfile_basedir/conf/A2P_CDR_Success.conf
OK - no errors or warnings|A2P Success CDR check_lines=1 A2P Success CDR check_warnings=0 A2P Success CDR check_criticals=0 A2P Success CDR check_unknowns=0
But still it is not giving me the critical count as one i have the log file as shown below:
[nagios@HNSMS1X3 bin]$ cat /smsx/logs/ACDR.log
A2P_CDR_Success count is 0 in last 5 mins

[lmiltchev]

If you need to generate an alert, when your pattern's count is 0 within the last 5 min, you could use the negate plugin.

Example 1

Code: Select all

[root@main-nagios-xi libexec]# ./check_logfiles -f A2P_CDR_Success.conf
OK - no errors or warnings|'A2P Success CDR check_lines'=0 'A2P Success CDR check_warnings'=0 'A2P Success CDR check_criticals'=0 'A2P Success CDR check_unknowns'=0
[root@main-nagios-xi libexec]# echo $?
0

Example 2 (with the negate plugin)

Code: Select all

[root@main-nagios-xi libexec]# ./negate -o CRITICAL -s /usr/local/nagios/libexec/check_logfiles -f A2P_CDR_Success.conf
CRITICAL - no errors or warnings|'A2P Success CDR check_lines'=0 'A2P Success CDR check_warnings'=0 'A2P Success CDR check_criticals'=0 'A2P Success CDR check_unknowns'=0
[root@main-nagios-xi libexec]# echo $?
2

If you also want the critical states (when pattern if found) to be reported as "OK", you could add "-c OK" to your command:

Example 3

Code: Select all

[root@main-nagios-xi libexec]# ./negate -o CRITICAL -c OK -s /usr/local/nagios/libexec/check_logfiles -f A2P_CDR_Success.conf
OK - (5 errors) - A2P_CDR_Success ...|'A2P Success CDR check_lines'=5 'A2P Success CDR check_warnings'=0 'A2P Success CDR check_criticals'=5 'A2P Success CDR check_unknowns'=0
[root@main-nagios-xi libexec]# echo $?
0

For more information on the negate plugin, please review our KB article on the topic here: https://support.nagios.com/kb/article/n ... n-287.html