Monitor Windows Logs with NSClient++
Posted: Mon Apr 20, 2020 1:35 pm
I am trying to monitor log files on some MSSQL servers. On my Exchange server I am doing this successfully by using the check_nrpe command:
With the MSSQL servers I am trying to monitor specifics other than just ID numbers.
I get values back but can't get my specific check.
Code:
check_nrpe -s -H HOSTNAME -t 60 -c Check_Eventlog -a 'warning=count > 0' 'critical=count > 0' "filter=level = 2 AND log = 'Application' AND id in (2112,2112)" 'scan-range=-10m'
- Any warnings or errors for a SQL Server event source (starting with MSSQL$) in the Application event log.
- Any errors in the System logs with an event source of "disk"
- Any audit failures with a description containing “Login failed for user” in the Application logs, excluding those coming from 10.10.10.2 or 10.10.10.5. NOTE, this only generates a notification if it fails 6 times (5 minute intervals) in a row.
- An error in the System logs with a description containing "Installation Failure: Windows failed to install the following update"
I currently don't have the funding for Nagios Log server but didn't know the limitations if I wanted to stand this up. Unless there is a way I can do this with the NSClient++ and I just have the syntax screwed up. I know I will need to look at the log server option eventually as I am getting more requests to monitor log values.
Is this something Nagios can do, monitor logs without a log server? Not sure if it is the ' or the " that is causing the problem, but if I just run
Code:
./check_nrpe -H <host> -c check_eventlog -a show-all
OK: No entries found|'count'=0;0;5
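The four conditions listed in the post, written out as detection logic over constructed event records. This is an added example, not part of the original post and not NSClient++ filter syntax. The record field names, the `[CLIENT: ...]` address extraction, the `event` helper and the `ConsecutiveNotifier` class are assumptions made for illustration.

```python
import re

EXCLUDED_CLIENTS = {"10.10.10.2", "10.10.10.5"}   # addresses excluded in the post
CLIENT_RE = re.compile(r"\[CLIENT:\s*([0-9.]+)\]")  # assumed message layout
UPDATE_TEXT = "Installation Failure: Windows failed to install the following update"

def matches(ev):
    """Return the name of the listed condition that event `ev` meets, else None."""
    log, level, src, msg = ev["log"], ev["level"], ev["source"], ev["message"]
    if log == "Application" and level in ("warning", "error") and src.startswith("MSSQL$"):
        return "mssql-source"
    if log == "System" and level == "error" and src.lower() == "disk":
        return "disk-error"
    if log == "Application" and level == "audit-failure" and "Login failed for user" in msg:
        client = CLIENT_RE.search(msg)
        # Drop the event only when the client address is one of the excluded hosts.
        if not (client and client.group(1) in EXCLUDED_CLIENTS):
            return "login-failed"
    if log == "System" and level == "error" and UPDATE_TEXT in msg:
        return "update-failure"
    return None

class ConsecutiveNotifier:
    """Notify once a condition has been met in `needed` check intervals in a row."""
    def __init__(self, rule="login-failed", needed=6):
        self.rule, self.needed, self.streak = rule, needed, 0

    def observe(self, events):
        hit = any(matches(e) == self.rule for e in events)
        self.streak = self.streak + 1 if hit else 0   # one clean interval resets it
        return self.streak >= self.needed

def event(log, level, source, message):
    return {"log": log, "level": level, "source": source, "message": message}

# Constructed sample events, not taken from a real server.
SAMPLE = [
    event("Application", "warning", "MSSQL$PROD", "constructed warning text"),
    event("System", "error", "disk", "constructed disk error text"),
    event("Application", "audit-failure", "MSSQL$PROD",
          "Login failed for user 'app'. [CLIENT: 10.10.10.2]"),
    event("Application", "audit-failure", "MSSQL$PROD",
          "Login failed for user 'app'. [CLIENT: 10.10.10.9]"),
    event("System", "error", "WindowsUpdateClient", UPDATE_TEXT + ": constructed"),
    event("Application", "information", "MSSQL$PROD", "constructed informational text"),
]

if __name__ == "__main__":
    for e in SAMPLE:
        print(matches(e), "<-", e["source"], e["level"])
```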