Check_logfiles plug-in usage

Check_logfiles is a plug-in that examines Nagios log keywords and is powerful. Project Address is https://labs.consol.de/nagios/check_logfiles/

First, installation
TAR-ZXVF check_logfiles-2.3.1.2.tar.gz
CD check_logfiles-2.3.1.2
./configure--with-nagios-user=nagios--with-nagios-group=nagios--with-seekfiles-dir=/usr/local/nagios/var/ Tmp--with-protocols-dir=/usr/local/nagios/var/tmp--with-trusted-path=/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr /bin:/usr/local/nagios/libexec--with-perl=/usr/bin/perl--with-gzip=/bin/gzip
Make
Make install

Second, the configuration

Using Check_logfile
[Email protected] libexec]#/check_logfiles--help
This Nagios Plugin comes with absolutely NO WARRANTY. You mayuse
It on your own risk!
Copyright by ConSol Software GmbH, Gerhard lausser.

This plugin looks-patterns in logfiles, even in those who wererotated
Since the last run of this plugin.

usage:check_logfiles [-t timeout]-F

The configfile looks like this:

$seekfilesdir = '/opt/nagios/var/tmp '; #写状态信息的目录, which records the log content that has been checked, equivalent to the history
# where the state information'll be saved.

$protocolsdir = '/opt/nagios/var/tmp '; #写协议信息的目录, which records the matching information for the log check.
# where protocols with found patterns'll be stored.

$scriptpath = '/opt/nagios/var/tmp '; #可调用的脚本或程序
# where scripts'll is searched for.

$MACROS = {cl_disk01 = "/dev/dsk/c0d1", cl_disk02 = "/dev/dsk/c0d2"}; #定义宏

@searches = (#此处为配置文件的内容, we can execute the program through a configuration file, or it can be defined directly on the command line. More convenient configuration files
{
Tag = ' temperature ', #定义唯一的标识符, it will be used as part of the name in generating status information or protocol information, and has no practical meaning
Logfile=> '/var/adm/syslog/syslog.log ', #日志文件位置
Rotation=> ' Bmwhpux ', #用来匹配归档的日志文件, rotation if there is a truncated log, it is used to define how to match the truncation log
Criticalpatterns = [' Overtemp_emerg ', ' Power supplyfailed '], #严重错误, can match one or more regular expressions
Warningpatterns = [' Overtemp_crit ', ' corrected Eccerror '], #警告错误, can match one or more regular expressions
Options=> ' Script,protocol,nocount ', #选项列表, we can choose to start the script, write the protocol, regardless of the number of operations
Script = ' Sendnsca_cmd '
}, #脚本的名字
{
Tag = ' SCSI ',
Logfile=> '/var/adm/messages ',
Rotation=> ' Solaris ',
Criticalpatterns = ' sense key:not ready ',
Criticalexceptions = ' sense Key:not ready/dev/testdisk ',
Options=> ' Noprotocol '
},
{
Tag = ' logins ',
Logfile=> '/var/adm/messages ',
Rotation=> ' Solaris ',
Criticalpatterns = [' Illegal key ', ' readerror.* $CL _disk01$ '],
Criticalthreshold = 4
Warningpatterns = [' Read error.* $CL _disk02$ '],
}
);

The above will be unified to write each project into the configuration file, of course, you can also put it in the command line call, the two methods are called as follows:

[Email protected] libexec]#./check_logfiles
usage:check_logfiles [-t timeout]-f[--searches=tag1,tag2,...]
check_logfiles [-t timeout]--logfile=--tag=--rotation=
--criticalpattern=--warningpattern=


Third, the current network example
1. Edit a configuration file on the monitored side as follows
Vim/usr/local/nagios/var/catalina.cfg

$seekfilesdir = "/usr/local/nagios/var/tmp";
$protocolsdir = "/usr/local/nagios/var/tmp";
@searches = (
{
Tag = ' Tomcat ',
Logfile=> '/opt/tomcat7/logs/catalina.out ',
Rotation=> ' Catalina. $CL _date_yyyy$-$CL _date_mm$-$CL _date_dd$.log ',
Criticalpatterns = [
' Java.net.SocketTimeoutException ',
' Exception '
],
Warningpatterns = [

],
Options=> ' nocase,encoding=utf-8,criticalthreshold=1,warningthreshold=1 '
},
);
We have defined a flag tomcat.catalina.out, check the log file is/opt/tomcat7/logs/catalina.out, logs information in matching the contents of Ciriticalpattern will be reported serious error, , State information and protocol information are written to the/usr/local/nagios/var/tmp,
$CL _date_yyyy$-$CL _date_mm$-$CL _date_dd$ is the defined time macro, which is the archive log that matches the current date. Options=> ' Nocase ', the regular expression is case-insensitive,options=> ' criticalthreshold=1,warningthreshold=1 ',
This value sets the number of times the match is ignored. If set to 3, the first 2 matches are ignored, and the 3rd match is counted. This is only ignored 1 times, the 2nd match on the count.


2, in the/usr/local/nagios/libexec directory, check the configuration of the file, the display of normal execution, the log no error.
[Email protected] libexec]#/check_logfiles--config/usr/local/nagios/var/catalina.cfg
Ok-no errors or Warnings|tomcat.catalina.out_lines=192tomcat.catalina.out_warnings=0 tomcat.catalina.out_criticals =0tomcat.catalina.out_unknowns=0

3. View the generated/usr/local/nagios/var/tmp directory
Catalina._opt_tomcat7_logs_catalina.out.tomcat file, where Tomcat is the tag we configured, the file contents are as follows:
[Email protected] tmp]# Catcatalina._opt_tomcat7_logs_catalina.out.tomcat
$state = {
' Logoffset ' = 166891197,
' Devino ' = ' 2,053:27,754,546 ',
' Servicestateid ' = 0,
' LogTime ' = 1470399570,
' Serviceoutput ' and ' = '
};
1;

4. Add the monitoring command to the monitored side add nrpe.cfg file
command[check_tomcat_logfiles]=/usr/local/nagios/libexec/check_logfiles--config/usr/local/nagios/var/ Catalina.cfg

5, monitoring terminal definition of the LOG Keyword monitoring service configuration
Define Service{
Use LOCAL-SERVICE,SRV-PNP; Name of service template to use
HOST_NAME WEBServer10414
Service_description Tomcat Front End Log Keyword Monitoring
Check_command check_nrpe_arg!check_tomcat_logfiles!60!/usr/local/nagios/var/catalina.cfg
Notifications_enabled 1
}

6. Definition of Check_nrpe_arg command
# ' check_nrpe_arg ' command definition
Define Command {
Command_name Check_nrpe_arg
Command_line $USER 1$/check_nrpe-h $HOSTADDRESS $-C $ARG 1$-T $ARG 2$-a$arg3$
}

7. View information about the services displayed by Nagios

650) this.width=650; "title=" 1.png "src=" http://s4.51cto.com/wyfs02/M02/85/7A/ Wkiol1ekih-ziiahaabdkpswvby764.png-wh_500x0-wm_3-wmp_4-s_3195045306.png "alt=" Wkiol1ekih-ziiahaabdkpswvby764.png-wh_50 "/>

Note: The/usr/local/nagios/var/catalina.cfg file and the/usr/local/nagios/var/tmp directory and the resulting status file have permissions to be set to Nagios, otherwise no permission write errors are reported.

This article is from the Server Ops blog, so be sure to keep this source http://shamereedwine.blog.51cto.com/5476890/1834872

Check_logfiles plug-in usage