SWATCH with Nagios

[Max]

Hi,

I can tell you how I have integrated my own open source log monitoring
tool, LMF, with Nagios.

http://lmf.sf.net/

Pretty easy:
1)  I think swatch has 'triggers' that can be called whe events
happen, yes?  If so, install send_nsca on the monitored host, and
create a wrapper script that sends an event to Nagios with send_nsca
2)  Create a passive check for the service on your Nagios instance,
don't forget to set a freshness command that resets the check back to
'ok' after an amount of time with no events.
3)  I also use PNP to then graph events for trending.

Attached is a screenshot of my LMF graphs over time for SSH attack
attempts against one host as detected by LMF .. top of the graph
intentionally cut off to hide the host name :).

Regards,
Max
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lmf.jpg
Type: image/jpeg
Size: 22792 bytes
Desc: not available
URL: <https://www.monitoring-lists.org/archive/users/attachments/20080213/0e2b243e/attachment.jpg>
-------------- next part --------------
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null