How can I change Nagios/NRPE log location?

R. Leigh Hennig rlh1533 at gmail.com
Wed Oct 5 17:34:11 CEST 2011
Previous message: How can I change Nagios/NRPE log location?
Next message: How can I change Nagios/NRPE log location?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
service syslog restart did restart the syslog service, however no changes
have been made. Logs about NRPE are still going to /var/log/messages, even
though I added "local4.*  /var/log/nrpe.log" to that file, and the nrpe.cfg
I changed it to local4 as well...



On Wed, Oct 5, 2011 at 11:24 AM, Schimpke, Dr. Thomas - bhn <
Schimpke.Thomas at bhn-services.com> wrote:

> It somewhat depends upon your operating system (and Linux distribution, if
> you use Linux). On a RedHat based system you may want to try "service syslog
> restart".  Typically syslog reloads its configuration, if you sent him the
> SIGHUP signal. So you may want to use ps -ef | grep syslog to determine
> syslog's pid and then kill -HUP pid.
>
> You may want to check syslog's man page to verify if your syslog responds
> to signals ... if your're not on linux.
>
>
> Thomas
>
> On 10/05/2011 04:54 PM, R. Leigh Hennig wrote:
> I made the change and restarted xinted. How do I restart syslog?
>
> On Wed, Oct 5, 2011 at 10:43 AM, Schimpke, Dr. Thomas - bhn <
> Schimpke.Thomas at bhn-services.com<mailto:Schimpke.Thomas at bhn-services.com>>
> wrote:
> Hi,
>
> it's not nrpe's config file - it's xinetd's config file for the nrpe
> service. nrpe is started by xinetd as soon as a request from the nagios
> server arrives. So you simply need to restart xinetd (or reload its
> configuration).
>
> If you still use SYSLOG (and not FILE), then you should configure the
> facility in /etc/syslog.conf appropriately. You need to restart/reload
> syslog for the change to have effect.
>
> Thomas
>
>
> On 10/05/2011 04:24 PM, R. Leigh Hennig wrote:
> I've made the configuration change - now I'm guessing I need to restart
> NRPE daemon to read in the changed  config file. How do I restart NRPE? I
> want it to run as a daemon, and I believe that it is...there's an nrpe file
> in /etc/xinte.d/...I already restarted xinted after I made the log file
> change there...
>
> On Wed, Oct 5, 2011 at 9:51 AM, Schimpke, Dr. Thomas - bhn <
> Schimpke.Thomas at bhn-services.com<mailto:Schimpke.Thomas at bhn-services.com
> ><mailto:Schimpke.Thomas at bhn-services.com<mailto:
> Schimpke.Thomas at bhn-services.com>>> wrote:
> These aren't messages from nrpe but from xinetd. You should set the
> log_type parameter in nrpe's config fiule for the xinetd. Either use SYSLOG
> with facility local0 and configure syslog to log local0 to a file
> .../nrpe.log or use
> FILE as a parameter for the log_type and and the full path to the desired
> logfile.
>
> Check out the xinetd.conf man page for more details.
>
> Since you poll nrpe quite often it may be better to run nrpe as a daemon
> (nrpe -d ...) anyway to avoid the start overhead.
>
> Thomas
>
> On 10/05/2011 03:13 PM, R. Leigh Hennig wrote:
> On my remote hosts, /var/log/messages is filling up with messages like
> this:
>
> Sep 26 06:33:53 <REMOVED> xinetd[13362]: EXIT: nrpe status=0 pid=8099
> duration=0(sec)
> Sep 26 06:34:01 <REMOVED> xinetd[13362]: START: nrpe pid=8105
> from=<REMOVED>
> Sep 26 06:34:01 <REMOVED> xinetd[13362]: EXIT: nrpe status=0 pid=8105
> duration=0(sec)
> Sep 26 06:34:57 <REMOVED> xinetd[13362]: START: nrpe pid=8113
> from=<REMOVED>
>
> How can I make it so that Nagios/NRPE throws these in a different file, and
> not just /var/log/messages?
>
> Thanks
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net<mailto:
> Nagios-users at lists.sourceforge.net><mailto:
> Nagios-users at lists.sourceforge.net<mailto:
> Nagios-users at lists.sourceforge.net>>
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net<mailto:
> Nagios-users at lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2dcopy1
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20111005/341d1688/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: How can I change Nagios/NRPE log location?
Next message: How can I change Nagios/NRPE log location?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list