Nagios Support Forum

Hi,

We have Nagios XI 5.6.10 in our environment. We need to monitor a log file(a normal text file) for content match as well as for value.
We have on boarded Windows server using WMI in Nagios.
Could you please help me with information for how to monitor a log file for Windows server.


Regards
Vishal Dhote

You could use the -q option of check_log, or install the check_logfiles plugin to look for a string in a log file. check_logfiles on GitHub

Are you wanting to perform this check over WMI? I'm not sure if that is possible.

Yes, we need to monitor the log file on a Windows system. The Windows system are on boarded to Nagios using WMI wizard.
Please suggest.

I do not see a way to check for a string in a log file using WMI alone. When you say you are "on board[ing]" these machines, do you mean that you are installing an agent (like NCPA) over WMI?

If these machines have agents installed on them, you should be able to run check_logfiles or check_log -q against them to monitor a log for a particular message.
Managing Plugins In Nagios XI

No, we have not installed an agent. We are connecting the server via WMI and monitoring it.
We are expecting there should be some mechanism with help of which we should be able to monitor the file for content match or for value on Windows server.

I have not seen anyone monitor the contents of a file on a Windows system without an agent, but we can certainly try!

From what I understand, WMI is simply a way to access Windows machines and execute VBScript or PowerShell scripts on them. That means—hypothetically—that anything you could check using those languages, you could monitor over WMI.

In PowerShell, you would probably use the Get-Content command to query a file for a string, then compare that to another value using an if statement. From what I can tell, VBScript doesn't have a native command for this, so the solution is a bit more complicated but you get the gist...

All that is to say that I don't think there is a plugin on the Exchange that does exactly what you're describing, but I certainly encourage you to try writing one if you're up to it!

Thank you jbrunkow.
Let me try working it out using Powershell.
We had HP SiteScope earlier, this used to do the log file monitoring for content match using WMI. So the content match check seems to be possible using WMI.

Good to know! I couldn't find any documentation about how to check the contents of a file over WMI specifically. Let me know if you get anything going and have any more specific questions.