Nagios Support Forum

Using Nagios XI 2024R1
On Windows, NCPA 2.4.1, upgraded to NCPA 3.0.1
----------------

The following will return results with 2.4.1 but not with 3.0.1.
I thought it could be the space, but Forwarded Events (which is in the Windows Logs folder) works on 3.0:
But this one times out:
Anything in the Windows Logs event folder works fine (e.g. System, Application, Forwarded Events), but it will not work with anything in Application and Services Logs that I tried (e.g. Active Directory Web Services, Directory Service, DNS Server, etc.)

For reference, this is the command we are using from Nagios XI that worked with NCPA 2.4.1 but not with 3.0.1:
NCPA 2.4.1 returned results
NCPA 3.0.1 returned: UNKNOWN: An error occurred connecting to API. (HTTP error: '500 INTERNAL SERVER ERROR')

If anyone knows if the syntax changed for accessing the API with NCPA 3.0.1, please let me know.

Thank you

Greetings!

I'm unable to reproduce this problem. As an aid, would you be willing to change the log level to debug for NCPA in the file C:\Program Files\Nagios\NCPA\etc\ncpa.cfg and then sending me the NCPA log file that results when you try that API endpoint. Its in C:\Program Files\Nagios\NCPA\var\log\ncpa_listener.log. Either that or open up an issue against NCPA in github here: https://github.com/NagiosEnterprises/ncpa.

Thank you for responding.

Unfortunately, I am at the mercy of the Windows admins at this site (I am a Linux admin). I will ask him if he can do this for me.

A Windows person upgraded yesterday from the old version of NCPA and I received this right after.

I opened an issue on Github earlier today, but will try to get that log from him tomorrow so I can post the results here.

I am also seeing the same issue on two of our DFS servers. It's checking for errors in the logs for DFS Replication. The two with the "Unknown" (500) error are the only ones that are currently on 3.x. The rest are still on 2.x and working fine.

MDC-AZ-NAS01 DFS Replication Errors Unknown 23d 14h 3m 36s 5/5 2024-01-05 15:30:38 UNKNOWN: An error occurred connecting to API. (HTTP error: '500 INTERNAL SERVER ERROR')
MDC-NAS01 DFS Replication Errors Ok 20h 58m 19s 1/5 2024-01-05 15:28:03 OK: DFS Replication has 0 logs, Total Count has 0 logs (Time range - last 30 minutes)
mdc-nas02 DFS Replication Errors Ok 2d 6h 23m 17s 1/5 2024-01-05 15:29:26 OK: DFS Replication has 0 logs, Total Count has 0 logs (Time range - last 30 minutes)
mdc-nas03 DFS Replication Errors Ok 2d 5h 23m 58s 1/5 2024-01-05 15:28:46 OK: DFS Replication has 0 logs, Total Count has 0 logs (Time range - last 30 minutes)
mdc-ssd-nas01 DFS Replication Errors Unknown 2d 9h 53m 25s 5/5 2024-01-05 15:31:50 UNKNOWN: An error occurred connecting to API. (HTTP error: '500 INTERNAL SERVER ERROR')
mdc-ssd-nas02 DFS Replication Errors Ok 2d 7h 8m 25s 1/5 2024-01-05 15:28:58 OK: DFS Replication has 0 logs, Total Count has 0 logs (Time range - last 30 minutes)
mdc-ssd-nas03 DFS Replication Errors Ok 2d 5h 3m 38s 1/5 2024-01-05 15:29:50 OK: DFS Replication has 0 logs, Total Count has 0 logs (Time range - last 30 minutes)


The command run is
-t '-token-' -P 5693 -M 'logs' -q 'name=DFS Replication,logged_after=30m,severity=ERROR' -c 0

@DuncanClarke thanks for that log snippet. What I'm looking for specifically is the NCPA log from the machine you're looking for the DFS entries on. That looks like the Nagios XI log. If you could provide that, that'd be great!

Looking at the logfile generated after restarting the service with debug (ran a force check for the failed log request):

Note: Service has also changed - just one service now called "Nagios Cross-Platform Agent"

2024-01-08 12:32:24,816 listener DEBUG before_request() - type(request.view_args): <class 'dict'>
2024-01-08 12:32:24,816 listener INFO before_request() - request.url: https://<servername>:5693/api/logs/?token=<token>&critical=0&check=1&name=DFS+Replication&logged_after=30m&severity=ERROR
2024-01-08 12:32:24,816 listener DEBUG before_request() - request.path: /api/logs/
2024-01-08 12:32:24,816 listener DEBUG before_request() - request.url_rule: /api/<path:accessor>
2024-01-08 12:32:24,816 listener DEBUG before_request() - request.view_args: {'accessor': 'logs/'}
2024-01-08 12:32:24,816 listener DEBUG before_request() - request.routing_exception: None
2024-01-08 12:32:25,082 listener.server ERROR Exception on /api/logs/ [GET]
Traceback (most recent call last):
File "listener\windowslogs.py", line 86, in get_logs
File "listener\windowslogs.py", line 572, in get_event_logs
File "_strptime.py", line 568, in _strptime_datetime
File "_strptime.py", line 349, in _strptime
ValueError: time data '2024-01-08 10:15:53.877000+00:00' does not match format '%m/%d/%y %H:%M:%S'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "listener\windowslogs.py", line 102, in run_check
File "listener\windowslogs.py", line 75, in walk
File "listener\windowslogs.py", line 72, in log_method
File "listener\windowslogs.py", line 91, in get_logs
Exception: General error occurred while getting log DFS Replication: ValueError("time data '2024-01-08 10:15:53.877000+00:00' does not match format '%m/%d/%y %H:%M:%S'")

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "flask\app.py", line 1455, in wsgi_app
File "flask\app.py", line 869, in full_dispatch_request
File "flask\app.py", line 867, in full_dispatch_request
File "flask\app.py", line 852, in dispatch_request
File "listener\server.py", line 305, in token_auth_decoration
File "listener\server.py", line 1111, in api
File "listener\windowslogs.py", line 105, in run_check
AttributeError: 'Exception' object has no attribute 'message'

Hi @DuncanClarke, thanks for posting those logs. Based on what I'm seeing there, there's definitely at least one bug that can be fixed. I've copied the log entries over to the GitHub issue for this problem.

Any news on if/when a fix is expected?

Hello @DuncanClarke,

I am currently the primary developer for NCPA and am currently committed to another project for the coming weeks. My current task is high-priority and will likely fill my time for the next 1-2 weeks. I will try to get this worked out in the coming weeks, but it's hard to say when exactly the next NCPA release will be.

For the time being, you can try building NCPA from this fork here: https://github.com/NagiosEnterprises/ncpa/pull/1093

bbahn wrote: ↑Mon Jan 29, 2024 6:13 pm Hello @DuncanClarke,

I am currently the primary developer for NCPA and am currently committed to another project for the coming weeks. My current task is high-priority and will likely fill my time for the next 1-2 weeks. I will try to get this worked out in the coming weeks, but it's hard to say when exactly the next NCPA release will be.

For the time being, you can try building NCPA from this fork here: https://github.com/NagiosEnterprises/ncpa/pull/1093 geometry dash

Thank you very much for trying to resolve this issue