Page 1 of 1
log monitoring - Capt
Posted: Thu Jan 24, 2019 2:38 am
by amane
Hi,
We have instrumented the log monitoring for one of the server however whenever it goes to critical mode it is showing the old lines in status information (capturing the old lines in the logs).
We are using the 'check_log3.pl' script for log monitoring.
Please find attached state history report for the log monitoring.
Could you please help to resolve this issue.
Thanks & Regards,
Avinash
Re: log monitoring - Capt
Posted: Thu Jan 24, 2019 12:28 pm
by lmiltchev
Can you show us the actual check run from the command line along with the output of it?
Re: log monitoring - Capt
Posted: Mon Jan 28, 2019 2:43 am
by amane
Hi lmiltchev,
Please find below the actual command run and output.
/usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H 172.26.47.177 -l batman -C "/home/batman/nagios/check_log3.pl -l '/usr/iptbatch/ItemIntegrationMQBatch/log/ItemIntegrationMQ.log' -p 'Exception' -c 1"
OK: Found 0 lines (limit=1/1): No matches found.|lines=0
Regards,
Avinash
Re: log monitoring - Capt
Posted: Mon Jan 28, 2019 11:54 am
by lmiltchev
I was not able to recreate the issue in house. When I added new lines, and reran the plugin, the status changed to critical, but the output was showing only the newly added lines. The "old" lines were not included.
test.log (on the remote system)
In XI
(3 new lines)
Code: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
CRITICAL: Found 3 lines (limit=1/1): test|lines=3
(no new lines)
Code: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
OK: Found 0 lines (limit=1/1): No matches found.|lines=0
Adding 1 new line to the test.log on the remote machine.
In XI
Code: Select all
[nagios@main-nagios-xi ~]$ /usr/local/nagios/libexec/check_by_ssh -o StrictHostKeyChecking=no -o LogLevel=ERROR -o UserKnownHostsFile=/dev/null -H x.x.x.x -l nagios -C "/usr/local/nagios/libexec/check_log3.pl -l '/tmp/test.log' -p 'test' -c 1"
CRITICAL: Found 1 lines (limit=1/1): test|lines=1
example01.PNG
Can you try something similar, just for the sake of troubleshooting this issue?
It would help if you showed us the actual log that you are monitoring, and the service definition, along with all relevant commands, and templates.