check_log not working properly

[Neil]

Jim Mozley writes: 

> Based on fictitious example for monitoring sonet network events using 
> syslog (I have a plugin to do this via SNMP but the principle is the same 
> for some other stuff we do and avoids some complexity that would take a 
> bit of explaining). 
> 
> You define a service as normal, but you may want to turn off active checks 
> and perhaps use the freshness checking. This is covered in the manual, but 
> if there are specific bits that don't make sense I'd post a question here. 
> Define the service(s) with some consistent naming e.g. "<hostname>-sonet" 
> as you will need this so your script associates the event with the 
> appropriate service. 
> 
> Configure swatch or equivalent to perform an execute script type action. 
> The script receives the syslog message and then submits a passive check 
> against the service. It will need to build a service name from the syslog 
> message passed to it, for instance by extracting the hostname from the 
> syslog message and adding "-sonet". Depending upon the nature of the 
> message it should also set a status e.g. if the messages match the regex 
> /[Ee]rror|[Ff]ail/ make it critical or if its /[Uu]p/ make it OK. 
> 
> The scripts submits the passive check via Nagios' command pipe, the exact 
> format of the command is available in the manuals and some sample scripts 
> provided with the distribution. 
> 
> Once you've done this the big advantage is having one source of events 
> i.e. nagios shows the results of pinging and syslog events and there is 
> one unified set of notification mechanisms, etc. Otherwise using just 
> swatch (email alerts for instance) you have a second system to administer.

First of all, thanks for the explanation above. I got your idea although, I 
am a little lost. If it's alright with you, can you provide me with a sample 
entry of each line for each configuration files. You can obscure the ip 
addresses if there are any listed. You also mentioned on the other emails 
that you can provide me with syslog-ng conf too. Is it ok too? :) 

This will speed me up about understanding how this process works. 

Thanks. 

Neil 



-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null