AW: Check_Log
Gerhard Lausser
Gerhard.Lausser at consol.de
Sat Mar 4 17:36:21 CET 2006
Hi Mike,
i have no answer to your question why the text is being cut off, maybe the
string with the "%" inside ends up somewhere in a printf command, so the "%"
is treated like part of a format string. Look at the notification command of
contact_group Support for that.
But what i saw is the is_volatile option in your template. You should set it
to 1, because each time you read the logfile, you remove the cause of the
alert by not reading the same lines of the logfile again. If you get an
alert when you run check_log next time, then another match has been found
which must be treated as a separate event.
Greetings from munich,
Gerhard
> Here is the service check command:
>
> define service {
> use Sensor-Log
> hostgroup_name Firewalls
> service_description Check_Log
> check_command
> check_log!/var/log/messages!/usr/local/nagios/var/PIX-Deny.log!"Deny"
> register 1
> }
>
> Here is the template that I am using:
>
> define service{
>
> name Sensor-Log
> is_volatile 0
> max_check_attempts 1
> normal_check_interval 1
> retry_check_interval 1
> passive_checks_enabled 0
> active_checks_enabled 1
> check_period 24x7
> parallelize_check 1
> obsess_over_service 1
> check_freshness 0
> event_handler_enabled 0
> flap_detection_enabled 0
> process_perf_data 1
> retain_status_information 1
> retain_nonstatus_information 1
> contact_groups Support
> notification_interval 0
> notification_period 24x7
> notification_options w,c
> notifications_enabled 0
> register 0
> }
>
> Here is my check command:
>
> define command {
> command_name check_log
> command_line $USER1$/check_log -F $ARG1$ -O $ARG2$
> -q $ARG3$
>
>
> Thanks!
>
> Mike
>
>
> -----Original Message-----
> From: James Turnbull [mailto:james at lovedthanlost.net]
> Sent: Friday, March 03, 2006 6:33 PM
> To: Mike Koponick
> Cc: Nagios Users
> Subject: Re: [Nagios-users] Check_Log
>
> Mike Koponick wrote:
> >
> > I wanted to say thanks to all who responded to my question
> regarding
> > parsing syslog files.
> >
> >
> >
> > Thanks!
> >
> >
> >
> > But, I was wondering about check_log. It seems that it
> would work for
> > my environment. However I see that I have run into a snag of sorts.
> >
> >
> >
> Can you post the command/etc you are using check_log in to
> parse the log?
>
> Regards
>
> James Turnbull
>
> --
> James Turnbull <james at lovedthanlost.net>
> ---
> Author of Pro Nagios 2.0
> (http://www.amazon.com/gp/product/1590596099/)
>
> Hardening Linux
> (http://www.amazon.com/gp/product/1590594444/)
> ---
> PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking
> scripting language that extends applications into web and
> mobile media. Attend the live webcast and join the prime
> developer group breaking into this new coding territory!
> http://sel.as-us.falkag.net/sel?cmd___________________________
> ____________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS
> when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
>
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list