How can I change Nagios/NRPE log location?

Schimpke, Dr. Thomas - bhn Schimpke.Thomas at bhn-services.com
Wed Oct 5 17:24:29 CEST 2011


It somewhat depends upon your operating system (and Linux distribution, if you use Linux). On a RedHat based system you may want to try "service syslog restart".  Typically syslog reloads its configuration, if you sent him the SIGHUP signal. So you may want to use ps -ef | grep syslog to determine syslog's pid and then kill -HUP pid.

You may want to check syslog's man page to verify if your syslog responds to signals ... if your're not on linux.


Thomas

On 10/05/2011 04:54 PM, R. Leigh Hennig wrote:
I made the change and restarted xinted. How do I restart syslog?

On Wed, Oct 5, 2011 at 10:43 AM, Schimpke, Dr. Thomas - bhn <Schimpke.Thomas at bhn-services.com<mailto:Schimpke.Thomas at bhn-services.com>> wrote:
Hi,

it's not nrpe's config file - it's xinetd's config file for the nrpe service. nrpe is started by xinetd as soon as a request from the nagios server arrives. So you simply need to restart xinetd (or reload its configuration).

If you still use SYSLOG (and not FILE), then you should configure the facility in /etc/syslog.conf appropriately. You need to restart/reload syslog for the change to have effect.

Thomas


On 10/05/2011 04:24 PM, R. Leigh Hennig wrote:
I've made the configuration change - now I'm guessing I need to restart NRPE daemon to read in the changed  config file. How do I restart NRPE? I want it to run as a daemon, and I believe that it is...there's an nrpe file in /etc/xinte.d/...I already restarted xinted after I made the log file change there...

On Wed, Oct 5, 2011 at 9:51 AM, Schimpke, Dr. Thomas - bhn <Schimpke.Thomas at bhn-services.com<mailto:Schimpke.Thomas at bhn-services.com><mailto:Schimpke.Thomas at bhn-services.com<mailto:Schimpke.Thomas at bhn-services.com>>> wrote:
These aren't messages from nrpe but from xinetd. You should set the log_type parameter in nrpe's config fiule for the xinetd. Either use SYSLOG with facility local0 and configure syslog to log local0 to a file .../nrpe.log or use
FILE as a parameter for the log_type and and the full path to the desired logfile.

Check out the xinetd.conf man page for more details.

Since you poll nrpe quite often it may be better to run nrpe as a daemon (nrpe -d ...) anyway to avoid the start overhead.

Thomas

On 10/05/2011 03:13 PM, R. Leigh Hennig wrote:
On my remote hosts, /var/log/messages is filling up with messages like this:

Sep 26 06:33:53 <REMOVED> xinetd[13362]: EXIT: nrpe status=0 pid=8099 duration=0(sec)
Sep 26 06:34:01 <REMOVED> xinetd[13362]: START: nrpe pid=8105 from=<REMOVED>
Sep 26 06:34:01 <REMOVED> xinetd[13362]: EXIT: nrpe status=0 pid=8105 duration=0(sec)
Sep 26 06:34:57 <REMOVED> xinetd[13362]: START: nrpe pid=8113 from=<REMOVED>

How can I make it so that Nagios/NRPE throws these in a different file, and not just /var/log/messages?

Thanks


------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net<mailto:Nagios-users at lists.sourceforge.net><mailto:Nagios-users at lists.sourceforge.net<mailto:Nagios-users at lists.sourceforge.net>>
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null



------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net<mailto:Nagios-users at lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null



------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list