Nagios sents notifi immideatly after recieving syslog error

chiel chiel at gmx.net
Thu Apr 12 13:07:22 CEST 2007 

Hi Thomas,

Thanks for pointing met to check_log3, but i'm not sure if its what i'm 
looking for after I tested it.
I didn't test the GroundWork yet because at this moment I only use Nagios.

The thing that I am looking for is as follows, I want to get my Nagios 
notification e-mail as follows:


***** Nagios 2.8 *****

Notification Type: PROBLEM
Host: NAGIOS
State: DOWN
Address: ***.***.***.***
Info: Syslog messages

$DEVICENAME$ has reported the following syslog messages over the last 5 
minutes:

Emergencies:
-emergencie message 1
-emergencie message 1

Alerts:
-alert message 1

Critical:
-etc...

Date/Time: Mon Mar 19 13:21:07 CET 200


..Or something like that.
Group those messages together is also a posibility but I prefer the above 
methode.
Is this posible with the Groundwork Foundation? or must I write some custom 
script? (don't hope so because I'm not that good of a programmer..maybe 
someone can help?)

chiel

----- Original Message ----- 
From: "Thomas Stocking" <tstocking at groundworkopensource.com>
To: <andy.shellam-lists at mailnetwork.co.uk>
Cc: "chiel" <chiel at gmx.net>; <Nagios-users at lists.sourceforge.net>
Sent: Wednesday, April 11, 2007 9:20 PM
Subject: Re: [Nagios-users] Nagios sents notifi immideatly after recieving 
syslog error


> Well, yes...or do it at the plugin level.
> I mean, what about writing the syslog messages to a log file that you 
> parse every 5 minutes? There are plugins like check_log3 that do this, and 
> they can be set to filter for regex expressions.
> Another way would be to use syslog-ng to accept and filter the syslog 
> messages, and post them to Nagios as passive checks via a program that 
> does some consolidation/filtering for you.
> We have done this using the Foundation database in GroundWork - post the 
> messages there, and then query periodically to find the conditions you 
> want an alert for with a simple perl plugin.
> FYI GroundWork Foundation is now bundled into GroundWork Monitor Open 
> Source 5.1.
>    Thomas
>
> http://www.nagiosexchange.org/Solaris.50.0.html?&tx_netnagext_pi1[p_view]=423
> http://www.balabit.com/products/syslog_ng/
> http://gwfoundation.sourceforge.net/
> http://www.groundworkopensource.com/downloads/full_download.html
>
> Andy Shellam wrote:
>> At first glance I'd say you'd need to write your own notification handler 
>> that does this for you.
>> It would be much easier to write, say, a shell script that takes the 
>> notification details as parameters to the script.
>>
>> That way your script can then do much greater filtering than Nagios alone 
>> does.
>>
>> Andy.
>>
>> chiel wrote:
>>
>>> Hello,
>>>  On some of my network devices I have set up syslog to send there 
>>> results to Nagios trough passive checks. This works perfectly.
>>> When syslog sents a error messages Nagios immideatly sents a 
>>> notification e-mail/sms.
>>>  The thing is that when syslog sent for example 20 error messages from 
>>> one device within 5 secondes I also get 20 e-mail/sms notifications.
>>> Is there a way that Nagios waits for (let say) 5 minutes, after the 
>>> first error hase been received, and than sents these 20 error messages 
>>> all in one notification?
>>>  chiel
>>>  !DSPAM:37,461cecf489294516711538!
>>> ------------------------------------------------------------------------
>>>
>>> -------------------------------------------------------------------------
>>> Take Surveys. Earn Cash. Influence the Future of IT
>>> Join SourceForge.net's Techsay panel and you'll get the chance to share 
>>> your
>>> opinions on IT & business topics through brief surveys-and earn cash
>>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>>>
>>> !DSPAM:37,461cecf489294516711538!
>>>   ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> Nagios-users mailing list
>>> Nagios-users at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>>> ::: Please include Nagios version, plugin version (-v) and OS when 
>>> reporting any issue. ::: Messages without supporting info will risk 
>>> being sent to /dev/null
>>>
>>> !DSPAM:37,461cecf489294516711538!
>>>
>>
>>
>> -------------------------------------------------------------------------
>> Take Surveys. Earn Cash. Influence the Future of IT
>> Join SourceForge.net's Techsay panel and you'll get the chance to share 
>> your
>> opinions on IT & business topics through brief surveys-and earn cash
>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and OS when 
>> reporting any issue. ::: Messages without supporting info will risk being 
>> sent to /dev/null
>> 


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

More information about the Users mailing list