check_log deficiencies
Ralph.Grothe at itdz-berlin.de
Ralph.Grothe at itdz-berlin.de
Tue Aug 9 14:54:09 CEST 2005
Hello,
I'm not sure whether this one should not better be posted to
Nagiosplug-Help.
But then I'd also want to avoid x-posts. I already arose scorn
because of unaware misdemeanor by parallel postings to two Nagios
mailing lists.
I also know that I could overcome the spelled out deficiencies by
writing my own plug-in.
But I would like to avoid reinvention of the wheel someone else
already might have invented.
First a minor flaw which to correct only needs to change an
option to tail
(just wanted to notify the plug-in developer).
I intend to run the plug-in on HP-UX 11.00 whose tail command
does lack the neat GNUish long options.
So this is what happens.
$ libexec/check_log -F /var/adm/syslog/syslog.log -O
/tmp/syslog.log_vmunix_msg.log -q vmunix
Usage: tail [-f] [-b number] [file]
tail [-f] [-c number] [file]
tail [-f] [-n number] [file]
Obsolescent usage: tail [+-[n][l|b|c]] [-f] [file]
Log check ok - 0 pattern matches found
Here's the wrong call of tail made visible
$ PS4=\$LINENO\ \> sh -x /usr/local/nagios/libexec/check_log -F
/var/adm/syslog/syslog.log -O /tmp/syslog.log_vmunix_msg.log -q
vmunix 2>&1|tail -15
<
204 >204 >/bin/tail --lines=1
204 >/bin/grep vmunix /tmp/saza07703
Usage: tail [-f] [-b number] [file]
tail [-f] [-c number] [file]
tail [-f] [-n number] [file]
Obsolescent usage: tail [+-[n][l|b|c]] [-f] [file]
lastentry=
206 >/bin/rm -f /tmp/saza07703
207 >/bin/cat /var/adm/syslog/syslog.log
207 >1> /tmp/syslog.log_vmunix_msg.log
209 >[ 0 = 0 ]
210 >/usr/bin/printf Log check ok - 0 pattern matches found\n
Log check ok - 0 pattern matches found
211 >exitstatus=0
217 >exit 0
As said, to make HP-UX happy all it requires is to change --line
into -n
$ vi +204 /usr/local/nagios/libexec/check_log
$ sed -n 204p /usr/local/nagios/libexec/check_log
lastentry=`$GREP "$query" $tempdiff | $TAIL -n 1`
$ /usr/local/nagios/libexec/check_log -F
/var/adm/syslog/syslog.log -O
/tmp/syslog.log_vmunix_msg.log_vmunix_msg.log -q vmunix
Log check ok - 0 pattern matches found
$ logger -t vmunix -p kern.notice BlahBlah
$ /usr/local/nagios/libexec/check_log -F
/var/adm/syslog/syslog.log -O
/tmp/syslog.log_vmunix_msg.log_vmunix_msg.log -q vmunix
(1) < Aug 9 14:39:08 terra vmunix: BlahBlah
$ echo $?
2
Ok, now it's working as expected.
However, what I don't like about check_log is that it dumps a
whole working copy of the sysd log for diff-ing.
$ ll /var/adm/syslog/syslog.log /tmp/syslog.log_vmunix_msg.log
-rw-r--r-- 1 saz users 214069 Aug 9 14:39
/tmp/syslog.log_vmunix_msg.log
-rw-r--r-- 1 root root 214069 Aug 9 14:39
/var/adm/syslog/syslog.log
Well, on this test box that doesn't really matter.
But we do have a few servers that have an uptime over a year.
And some of them don't run the nifty logrotate tool you are used
to from Linux.
One of HP-UX's RC script would rotate syslog.log on each system
reboot per default.
My concern is that I wouldn't want to waste the space in /tmp (or
whatever other filesystem)
for a mere working copy of a logfile under inspection by
check_log.
So I wonder if someone already has come up with another solution,
possibly by simply storing checksum digests or similar?
Regards
Ralph
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list