Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Notifications and check_logfiles

https://support.nagios.com/forum/viewtopic.php?t=9975

Page 1 of 1

Notifications and check_logfiles

Posted: Wed Apr 03, 2013 11:15 am
by charlotron
Hi guys/admins,

although my question is about some plugin that checks files/logs looking for coincidences (errors) and shows them in the dashboard, my question is a more general question than a plugin related.

This is the problem:

1º) I fire the service(scheduled 1min delay) and all went fine, the service goes Green and shows ok (There is no errors)
2º) Now I force an error in the log, next minute the check is done and the dashboard shows a notification in red and showing the critical
3º) One minute later another check is made, as I haven't done any modification to the log, it is OK and the status goes green as if nothing had happened before.

I know this is the correct way to be notified, but i need something as "there was a problem before" o "N errors where detected, check it!"

I've been looking around to see if some plugin makes that errors staying of some way and I have been unable to do it, and I don't know if it can be made some config changes to the service or making something with the core.

Any help will be fine,
Thank you in advance.

Note: sorry for my english ;)

Re: Notifications and check_logfiles

Posted: Wed Apr 03, 2013 11:24 am
by slansing
What plugin were you using to check this? You can also take a look at the following listing for plugins such as the one you described:

http://exchange.nagios.org/directory/Plugins/Log-Files

Re: Notifications and check_logfiles

Posted: Wed Apr 03, 2013 11:27 am
by charlotron
I'm using this plugin, calling it from the nagios using nrpe with a windows host with nsclient++ where it is installed:
http://labs.consol.de/lang/en/nagios/check_logfiles/

And as I told the behaviour of the plugin is fine, the problem is that errors are lost in the past..

Note: Sorry for duplicating post, I thought I did something wrong

Re: Notifications and check_logfiles

Posted: Wed Apr 03, 2013 11:42 am
by abrist
There most definitely are plugins that can do what you ask. You could also roll your own simple script to do this as well. Sometimes it is as simple as checking a short tail for a string:

Code: Select all

#!/bin/sh
# Simple log checker

if tail /var/log/messages | grep segfault
then
        echo "error!"
        exit 2
else
        echo "all good!"
        exit 0
fi

Re: Notifications and check_logfiles

Posted: Wed Apr 03, 2013 12:00 pm
by charlotron
the main prob is how to handle that notifications of "there was problems" and mark them as "checked" to continue checking for new errors. I suppose this is only able to be done

Re: Notifications and check_logfiles

Posted: Wed Apr 03, 2013 12:07 pm
by slansing
You will have to set values for the notifications and these can be done via warning or critical thresholds "as I am sure you are aware." So you will need to devise what information from the log file will trigger a warning or critical, of course if you write your own plugin as Abrist showed this can be quite easy, and you could in theory set any combination of log strings to return a critical or warning to Nagios.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited