Nagios Support Forum

Posted: **Wed May 05, 2021 12:35 pm**

Hello,

We have a use case as in when a directory has a file more than an hour old, it should be treated as CRITICAL and alert. If there is no file present or if the file is present but is written less than an hour, its OK and no alerting is needed.
I have referenced to https://support.nagios.com/kb/article.p ... file_count and set my check, but not getting desired output:

Code: Select all

[nagios@NagiosXIAzDev ~]$ /usr/local/nagios/libexec/check_nrpe -H 10.179.8.132 -c check_files -2 -a max-depth=0 path='//MyNetworkPath' pattern=*.* 'filter= written lt -1h' 'crit= count gt 0' 'empty-state=ok' 'empty-syntax=${status}: No files found' 'top-syntax=${status}: ${count} files found'
OK: No files found|'count'=0;0;0

I have put two files there where one is set as written today and the other file's lastwritten and creation attribute is changed to 2017

Server.JPG

What am I doing wrong? I was expecting the output will say 1 file found for the 2017 dated file.

Posted: **Thu May 06, 2021 11:09 am**

Hi

What do you get when you run:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 10.179.8.132 -c check_files -a path='//MyNetworkPath'

Thanks

Posted: **Wed May 12, 2021 8:57 am**

This is the output:

Capture.JPG

As you can see there are two issues:
1. It does a recursive search of folders which I dont want.
2. Even though I have a file dated 2017, it still says OK.

Posted: **Thu May 13, 2021 10:58 am**

Try this:
- Change X.X.X.X and YOURPATH
- Apparently max-depth needs to be 1

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H X.X.X.X -2 -c check_files -a max-depth=1 path='YOURPATH' pattern=*.* 'filter= written < -1h' 'crit= count > 0' 'empty-state=ok' 'empty-syntax=${status}: No files found' 'top-syntax=${status}: ${count} files found'

Posted: **Mon May 17, 2021 12:44 pm**

This still looks at the sub-folders in that directory which I am not concerned about.

Code: Select all

[nagios@NagiosXIAzDev ~]$ /usr/local/nagios/libexec/check_nrpe -H 10.179.8.132 -c check_files -2 -a max-depth=1 path='//MyNetworkPath/' pattern=*.* 'filter= written lt -1h' 'crit= count gt 0' 'empty-state=ok' 'empty-syntax=${status}: No files found' 'top-syntax=${status}: ${count} files found'
CRITICAL: 4 files found|'count'=4;0;0

The Folder structure is:

Capture.JPG

I expected the output to say 2 files found which are older than 1 hour and not adding the two directories as well.
Considering I put a fresh file just before running the query, so that means the file is written less than an hour. But the remaining two files are older and should be reported as Critical.

Posted: **Tue May 18, 2021 4:59 pm**

Hi,

Looking this over, one option would be to use a pattern to search on the filenames (so the directories are not counted). Do these files have a coming name syntax (eg. test*.txt)?

Reference:
https://docs.nsclient.org/reference/win ... heck_files

Nagios Support Forum

Alert based on FileAge

Alert based on FileAge

Re: Alert based on FileAge

Re: Alert based on FileAge

Re: Alert based on FileAge

Re: Alert based on FileAge

Re: Alert based on FileAge