Centos log Processing

Today check the system log found that the log is in the following format:

APR 09:26:26JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=14006 duration=0 (sec)

APR 09:26:27JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=14316 duration=1 (sec)

APR 09:26:27JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=14323 duration=1 (sec)

APR 09:26:27JSMAPP4 xinetd[3158]: Start:nrpe pid=15937 from=::ffff:192.168.1.60

APR 09:26:27JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=15937 duration=0 (sec)

APR 09:27:19JSMAPP4 pptp[27991]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received.

APR 09:27:26JSMAPP4 xinetd[3158]: Start:nrpe pid=7318 from=::ffff:192.168.1.60

APR 09:27:26JSMAPP4 xinetd[3158]: Start:nrpe pid=7327 from=::ffff:192.168.1.60

APR 09:27:26JSMAPP4 xinetd[3158]: Start:nrpe pid=7332 from=::ffff:192.168.1.60

APR 09:27:26JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=7318 duration=0 (sec)

APR 09:27:26JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=7327 duration=0 (sec)

APR 09:27:26JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=7332 duration=0 (sec)

APR 09:27:26JSMAPP4 xinetd[3158]: Start:nrpe pid=7652 from=::ffff:192.168.1.60

APR 09:27:26JSMAPP4 xinetd[3158]: Exit:nrpe status=0 pid=7652 duration=0 (sec)

APR 09:27:27JSMAPP4 xinetd[3158]: Start:nrpe pid=8952 from=::ffff:192.168.1.60

APR 2209:27:27 jsmapp4 xinetd[3158]: Exit:nrpe status=0 pid=8952 duration=0 (sec)

By analyzing the above log discovery:

XINETD is a new generation of network Daemon service programs, also known as Super Internet servers, commonly used to manage a variety of lightweight Internet services.

This process is based on 192.168.1.60 this IP , obviously an intranet IP , not previously found this problem, strange.

go to - This server looks at the discovery and has Nagios log of warnings:

APR 09:50:02JSMBAK1 nagios:Warning:The check of host ' Jsmapp1 ' looks like it is orphaned (results never came back). I ' mscheduling An immediate check of the host ...

APR 09:50:24jsmbak1 nagios:Warning:The Check of service ' Check_mem ' on the host ' JSMAPP4 ' looks like it was orphaned (resu  Lts never came back). I ' m scheduling an immediate check of theservice ...

APR 09:51:02jsmbak1 nagios:Warning:The Check of service ' current Load ' in host ' nagios-server ' looks like it is Orpha  Ned (Results never came back). I ' m scheduling an immediate check of theservice ...

APR 09:51:02jsmbak1 nagios:Warning:The Check of service ' SSH ' on host ' nagios-server ' looks like it is orphaned (resu  Lts never came back). I ' m scheduling an immediate check of theservice ...

APR 09:51:02jsmbak1 nagios:Warning:The Check of service ' Total Processes ' on host ' nagios-server ' looks like it is or  Phaned (results never came back). I ' m scheduling an immediate check of theservice ...

APR 09:51:02jsmbak1 nagios:Warning:The Check of service ' HTTP ' on Host ' jsmapp2 ' Lookslike it is orphaned (results n Ever came back). I ' m scheduling an immediate check of the service ...

APR 09:51:02jsmbak1 nagios:Warning:The Check of service ' HTTP ' on Host ' jsmapp3 ' Lookslike it is orphaned (results n Ever came back). I ' m scheduling an immediate check of the service ...

APR 09:51:46JSMBAK1 xinetd[16796]: Start:nrpe pid=17625 from=::ffff:127.0.0.1

APR 09:51:46JSMBAK1 xinetd[16796]: Exit:nrpe status=0 pid=17625 duration=0 (sec)

APR 09:52:50JSMBAK1 xinetd[16796]: Start:nrpe pid=17890 from=::ffff:127.0.0.1

APR 09:52:50JSMBAK1 xinetd[16796]: Exit:nrpe status=0 pid=17890 duration=0 (sec)

Nagiosis an open-source free network monitoring tool that can effectively monitorWindows,Linuxand theUnixthe host State, switch,Routerssuch as network settings, printers and so on.

Nagios features that can be monitored are:  

1, monitoring network services (SMTP, POP3, HTTP, NNTP, ping, etc.);

2, monitor the host resources (processor load, disk utilization, etc.);

3 , simple plug-in design allows users to easily expand their services to detect methods;

4 , parallel service check mechanism;

5 and the ability to define network hierarchies, with "Parent" host definition to express the relationship between the network host, this relationship can be used to identify and clarify the host outage or unreachable state;

6 When a service or host problem arises and is resolved, the alert is sent to the contact person (via EMail , SMS, user-defined mode);

7 , has the function of defining the event handle, it can get more problem locating when the event of host or service occurs;

8 , automatic log rollback;

9 , can support and implement redundant monitoring of the host;

Ten , optional WEB the interface is used to view the current network status, notification and fault history, log files, etc.

View Nagios process discovery, with multiple processes

[Email protected] ~]# ps-ef|grep "Bin/nagios"

Root 4913 4095 0 11:12 pts/2 00:00:00 grep bin/nagios

Nagios 5146 1 0 Feb18? 01:12:40/usr/local/nagios/bin/nagios-d/usr/local/nagios/etc/nagios.cfg

Nagios 5286 1 0 Feb19? 01:15:13/usr/local/nagios/bin/nagios-d/usr/local/nagios/etc/nagios.cfg

Nagios 9767 1 0 Feb18? 01:13:52/usr/local/nagios/bin/nagios-d/usr/local/nagios/etc/nagios.cfg

Use [email protected]~]$ killall Nagios , kill all Nagios , and then restart

/usr/local/nagios/bin/nagios-d/usr/local/nagios/etc/nagios.cfg

If you want to stop Nrpe Service in xinetd the log output under

Modify the configuration file to disable logging in a successful state

[[Email protected]tomcat]# vi/etc/xinetd.conf

# Define generallogging characteristics.

Log_type = SYSLOG Daemon Info

Log_on_failure = HOST

# log_on_success = PID HOST DURATION EXIT

Review logs again after service xinetd, no longer Nrpe related logs

[[Email protected]tomcat]# service xinetd Restart

Stopping xinetd:[OK]

Starting xinetd:[OK]

Centos log Processing