centralized syslogging & notifications

Carroll, Jim P jcarro10 at sprintspectrum.com
Fri Jul 18 00:03:21 CEST 2003

Previous message: I've created a web based nagios configuration tool.
Next message: centralized syslogging & notifications
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Greets to all.

Lately I've been pondering/revisiting the whole issue of how best to
manage/respond to lines worthy of critical/warning events which show
up in /var/log/messages.  Here's what I'm doing today:

- all hosts log to xloghost (alias for another host)
- xloghost is running NRPE client
- NRPE kicks off the Perl version of check_log
- if match found return string/code to NRPE

Sounds good so far.  However:

- Nagios reports a problem on 'xloghost', not on the host in question
- if notifications for host 'foobar' have been disabled, this doesn't
  stop notifications being relayed by from 'xloghost'; if check_log finds
  a matching string, it doesn't care about host details

Possible steps to improve the situation:

- move xloghost (centralized syslogging) to Nagios host
- munge check_log (Perl version) to inject proper details into nagios.cmd
  (reporting on actual host, not xloghost), and run from cron
- additional munge to check_log to possibly report first (not last)
  line of log output

Wish list:

- when syslog catches multiple lines of related output:
  - the whole lot would be forwarded to the appropriate contacts
    via e-mail
  - a modest snippet gets sent to the pager contacts (longer pages
    can be split into 2 or 3 chunks and sent as separate pages)
  - the whole lot gets appended (with a separator) to an HTML file
    which can be accessed via notes_url

Comments?  Critiques?  Suggestions and improvements?  Enlightened input?

jc


-------------------------------------------------------
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: I've created a web based nagios configuration tool.
Next message: centralized syslogging & notifications
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list