Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

file monitor

https://support.nagios.com/forum/viewtopic.php?t=62726

Page 1 of 1

file monitor

Posted: Tue Jun 01, 2021 1:55 pm
by michaewlewis
I'm trying to get a file monitor to work with nagios log server but just get a blank message field when it gets sent. I am following the document "Configuring NXLog To Send Additional Log Files" and can't see where I went wrong.

Here's my .conf:

Code: Select all

<Input SMC_Logs>
    Module   im_file
    File     'C:\ProgramData\ArchestrA\LogFiles\\*.aaLOG'
    SavePos  TRUE
    Exec     $Message = $raw_event;
</Input>

<Route 1>
    Path internal, file1, eventlog, windowsfile, SMC_Logs => out
</Route>
Here's a snippet of the server021612993328.aaLOG, which gets recreated with a new date whenever it hits 10mb.

Code: Select all


㌢ਊ᭴ 㰄 鱘룞圏ǗMark Log Viewer Mark   L 태"
㌢ਊ᭴ 㰄 䭊�圏ǗMark Log Viewer Mark   Ę 턨"
ऀ㔁㙘 Ą 㦰竸園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Network or server is too busy (max time lag reached, time lag 200430 ms) aahIDASSvc  ú 텴"
ऀ㔁㙘 Ą 㦰竸園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Clearing buffer cache for recovery (max time lag reached) aahIDASSvc  İ 튌"
ऀ㔁㙘 Ą 㦰竸園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: A data buffer lost: header/dirty time of the lost buffer = 11:14:51.053/11:18:11.474 aahIDASSvc  Ŝ 펆"
ऀ㔁㙘 Ą ᳲ管園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Sending values of QualityDetail 20 (IDAS overflow recovery) for all tags with time 2021/06/01 11:18:11.315 aahIDASSvc  Ŋ 풶"
ऀ㔁㙘 Ą 鉏管園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Sending recovery buffer to storage: 3908 values, 63494 bytes, header time 2021/06/01 11:18:11.315 aahIDASSvc  Ŋ 혒"
ऀ㔁㙘 Ą ޛ箢園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Sending recovery buffer to storage: 4248 values, 63496 bytes, header time 2021/06/01 11:18:11.315 aahIDASSvc  Ŋ 흜"
ऀ㔁㙘 Ą 嗄箢園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Sending recovery buffer to storage: 3672 values, 55528 bytes, header time 2021/06/01 11:18:11.315 aahIDASSvc  Ô �"
ऀ㔁㙘 Ą 嗄箢園ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Pipe recovery completed for 11845 tags aahIDASSvc  L �"
㌢ਊ᭴ 㰄 듯園ǗMark Log Viewer Mark   Ġ �"
ऀ㔁✸ ❸ 䭪앖園ǗInfo aahCfgSvc Remaining disk space on circular drive (MB) (1030478, 11;6;13100;000) [WWPSVRISQL02; Config.cpp; 1551] aahCfgSvc  þ �"
ऀ㔁㙘 ࡘ 销딙圓ǗInfo aahIDASSvc (local) WWPSVRISQL02_2: Sending SuiteLink time synchronization message WWPSVRISQL02 aahIDASSvc

Re: file monitor

Posted: Wed Jun 02, 2021 12:59 pm
by ssax
I just labbed this up and it's working properly with your settings/logs.

Please attach your full nxlog.conf so I can review it.

Re: file monitor

Posted: Wed Jun 02, 2021 4:16 pm
by michaewlewis
I tried some different things and now I'm getting a different issue. log server is giving me "ERROR modeul 'SMC_Logs' is not declared"

Re: file monitor

Posted: Thu Jun 03, 2021 3:23 pm
by ssax
Please change this:

Code: Select all

<Input SMC_Logs>
  Model im_file
  File 'C:\ProgramData\ArchestrA\LogFiles\\*.aaLOG'
  SavePos TRUE
  Exec $Message = $raw_event;
</Input>
To this (Module was spelled wrong):

Code: Select all

<Input SMC_Logs>
  Module im_file
  File 'C:\ProgramData\ArchestrA\LogFiles\\*.aaLOG'
  SavePos TRUE
  Exec $Message = $raw_event;
</Input>
Then restart the nxlog service.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited