nrpe CheckEventLog

Jim Avery jim at jimavery.me.uk
Wed Feb 16 14:33:33 CET 2011

Previous message: nrpe CheckEventLog
Next message: Distributed monitoring and dependencies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 16 February 2011 12:38, Tristan Drinkwater <tristand at micro-p.com> wrote:
> Hi guys,
>
> I hope someone can help me.
>
> I'm trying to set up Nagios to return a warning for all red error logs in both the system and application logs on a windows 2003 server.
>
> So far no matter what I try I always get 'Eventlog Check ok' even when I know that there are some red error's showing in the log.
>
> I've just been running this from the libexec folder so far as I what to get the syntax right before defining the service and alike.
>
> ./check_nrpe -H IP -p 5667 -c checkEventLog file=application file=system filter-eventType==error filter-generated=\<1d
>
>
> Any ideas anyone?
>
> NSclient 3.3.20 installed on windows machine.


If it's any help to you, the entry I have in my nsc.ini file in the
[External Alias] section is:

  alias_CheckEventLog=CheckEventLog file=application file=system
MaxWarn=1 MaxCrit=1 "filter=generated gt -1h AND severity NOT IN
('success', 'informational')" truncate=800 unique descriptions
"syntax=%severity%: %source%: %message% (%count%)"

(that's all one line in case your email file wraps it)

As you can see it uses the new syntax.  Note that to use external
aliases like this, you need to uncomment the line which reads:

  CheckExternalScripts.dll

And you can query it from the Nagios server simply with

  ./check_nrpe -H IP -p 5667 -c alias_CheckEventLog

This method where all the command line options are in the agent config
can be useful for troubleshooting, as you're less likely to hit
problems with escaping non-alphanumeric characters.  Once you have it
working nicely you can try moving to the the method you were trying
where the command line options are specified in the Nagios config.

I hope that helps rather than confuses!

Cheers,

Jim

------------------------------------------------------------------------------
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find and fix more than 250 security defects in the development cycle.
Locate bottlenecks in serial and parallel code that limit performance.
http://p.sf.net/sfu/intel-dev2devfeb
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: nrpe CheckEventLog
Next message: Distributed monitoring and dependencies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list