check_log multiple pattern and filtering

Marc Powell marc at ena.com
Thu Dec 3 16:17:28 CET 2009

Previous message: check_log multiple pattern and filtering
Next message: check_log multiple pattern and filtering
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Dec 3, 2009, at 2:09 AM, Tobias Exner wrote:

> 1.
> 
> any suggestions how to check multiple pattern with one command?
> 
> 
> example:
> 
> check_log -F /var/adm/messages -O /var/adm/nagios_messages -q 
> "error|connection timed out|SCSI transport failed"

check_log uses egrep to search for the pattern. Your example will work. You should be able to test this --

$ ./check_log -F /var/log/messages -O /tmp/foo.log -q "notfound|winbind|this really works"
(313) < Dec  3 08:59:57 noctools sshd[10928]: pam_winbind(sshd:account): request failed
$ echo $?
2

Remember the check_log only parses lines seen _after_ each successive run.

> 2.
> 
> Is there a way to ignore lines from the result?
> 
> example:
> 
> check_log -F /var/adm/messages -O /var/adm/nagios_messages -q "error"
> 
> This will search for all errors.
> But what can I do to ignore lines with with spezial errors like

Not with check_log but you can with check_log2.pl --

$ ./check_log2.pl --help
check_log2.pl (nagios-plugins 1.4.3) 1.2
The nagios plugins come with ABSOLUTELY NO WARRANTY. You may redistribute
copies of the plugins under the terms of the GNU General Public License.
For more information about these matters, see the file named COPYING.

Scan arbitrary log files for regular expression matches.

Usage: check_log2.pl -l <log_file> -s <log_seek_file> -p <pattern> [-n <negpattern>] -c | --critical
Usage: check_log2.pl [ -v | --version ]
Usage: check_log2.pl [ -h | --help ]

-l, --logfile=<logfile>
    The log file to be scanned
-s, --seekfile=<seekfile>
    The temporary file to store the seek position of the last scan
-p, --pattern=<pattern>
    The regular expression to scan for in the log file
-n, --negpattern=<negpattern>
    The regular expression to skip in the log file

--
Marc




------------------------------------------------------------------------------
Join us December 9, 2009 for the Red Hat Virtual Experience,
a free event focused on virtualization and cloud computing. 
Attend in-depth sessions from your desk. Your couch. Anywhere.
http://p.sf.net/sfu/redhat-sfdev2dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: check_log multiple pattern and filtering
Next message: check_log multiple pattern and filtering
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list