server log plugin

Miguel Lanz edgarosy at gmail.com
Mon Apr 16 16:48:53 CEST 2012


I am using Ubuntu server 10.x version, Nagios 3.0.6 version, and
check_logfiles plugin 3.4.7.1 version.

Thanks for your help.

On Mon, Apr 16, 2012 at 8:45 AM, Miguel Lanz <edgarosy at gmail.com> wrote:

> I am just starting with Nagios and so far I have learned quite a bit and
> have successfully set up multiple Nagios checks on several servers and all
> of them are working as expected.
>
> I've been trying to set up the check_logfiles plugin to check for a pattern
> like this: where someone attempted to log in to one of my applications
> several times within milliseconds. Is there a way that I can configure the
> Nagios check_logfiles plugin to parse multiple login attempts as shown
> below within seconds and send me an alert? Or would it be better to write a
> custom script to do that?
>
> Thanks for your help.
>
>
> 77.221.134.186 - - [05/Apr/2012:08:06:23 -0600] "GET
> /sms/login/emailpwd?uname=bossman2040&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:25 -0600] "GET
> /sms/login/emailpwd?uname=u002422&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:25 -0600] "GET
> /sms/login/emailpwd?uname=suzzie&email= HTTP/1.1" 200 5608 "-" "Mozilla/4.0
> (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:26 -0600] "GET
> /sms/login/emailpwd?uname=BlackBox&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:27 -0600] "GET
> /sms/login/emailpwd?uname=Bigboss83&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:28 -0600] "GET
> /sms/login/emailpwd?uname=copcarsonline&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:28 -0600] "GET
> /sms/login/emailpwd?uname=u002422&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41 - - [05/Apr/2012:08:06:29 -0600] "GET
> /sms/login/emailpwd?uname=juanyromo&email= HTTP/1.1" 200 5608 "-"
> "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)" "-"
> 176.9.53.41
>
>
> On Thu, Apr 5, 2012 at 1:24 PM, Edgarosy <edgarosy at gmail.com> wrote:
>
>> Thank you Claudio.
>>
>> On Apr 5, 2012, at 1:18 PM, Claudio Kuenzler <ck at claudiokuenzler.com>
>> wrote:
>>
>> This one is probably the best one:
>> http://labs.consol.de/lang/en/nagios/check_logfiles/
>>
>> On Thu, Apr 5, 2012 at 6:56 PM, Parkman, Mikhail <
>> Mikhail_Parkman at cable.comcast.com> wrote:
>>
>>> I need to perform the following tasks:
>>>
>>> ·  Demonstrated that Nagios alert is fired when certain messages are
>>> logged in the application log file on the target (remote) host
>>>
>>> ·  Nagios "info message" is fired when error condition is cleared.
>>>
>>> I found out “logwarn” plugin but I didn’t find detailed configuration
>>> instructions for this plugin.
>>>
>>> http://exchange.nagios.org/directory/Plugins/Log-Files/check_logwarn/details
>>>
>>> And another one – “check_logfiles” – this one is described better in my
>>> opinion but referring to something called OPSVIEW that I don’t have any
>>> idea about.
>>>
>>> http://www.osupport.net/2011/log-files-monitoring-with-nagios-opsview/
>>>
>>> Did somebody have experience with well documented “check log” plugin,
>>> and could recommend one so that the functionality of the recommended plugin
>>> matches bulleted tasks in the beginning of this email that I have to
>>> accomplish?
>>>
>>> Thanks.
>>>
>>> Mikhail.
>>>
>>>
>>> _______________________________________________
>>> Nagios-users mailing list
>>> Nagios-users at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>>> ::: Please include Nagios version, plugin version (-v) and OS when
>>> reporting any issue.
>>> ::: Messages without supporting info will risk being sent to /dev/null
>>>
>>
>>
>
>
> --
> Edgar Lanz
>
> "If nobody is perfect I must be nobody"
>



-- 
Edgar Lanz

"If nobody is perfect I must be nobody"
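
For the "custom script" option raised in the message above, one way to count requests to the login endpoint per client address inside a sliding time window and report the result as a Nagios status. This is an added example, not part of the original thread and not check_logfiles code; the threshold, the window length, the function names and the sample addresses are assumptions, and each log entry is assumed to sit on one line (the quoted entries are wrapped by the mail client).

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values, not from the thread: tune threshold and window to the application.
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] "GET /sms/login/emailpwd\?uname=([^&\s]*)')
THRESHOLD = 5                      # requests from one address ...
WINDOW = timedelta(seconds=10)     # ... inside this sliding window

def find_bursts(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {ip: (peak requests in any window, distinct usernames seen)}."""
    recent = defaultdict(deque)    # ip -> timestamps still inside the window
    users = defaultdict(set)       # ip -> usernames requested in the whole input
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue               # other URLs and malformed lines are ignored
        ip, stamp, uname = m.groups()
        ts = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop hits that fell out of the window
            q.popleft()
        users[ip].add(uname)
        if len(q) >= threshold:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return {ip: (n, len(users[ip])) for ip, n in peaks.items()}

def nagios_status(bursts):
    """Map the result to a Nagios plugin exit code and one-line status text."""
    if not bursts:
        return 0, "OK - no login bursts"
    detail = ", ".join(f"{ip}: {n} requests/{u} usernames"
                       for ip, (n, u) in sorted(bursts.items()))
    return 2, f"CRITICAL - login burst from {detail}"

# Constructed sample lines (documentation addresses), shaped like the log in the thread.
SAMPLE = [
    f'203.0.113.9 - - [05/Apr/2012:08:06:{25 + i:02d} -0600] "GET '
    f'/sms/login/emailpwd?uname=user{i}&email= HTTP/1.1" 200 5608 "-" "Mozilla/4.0" "-"'
    for i in range(6)
] + ['198.51.100.7 - - [05/Apr/2012:08:06:23 -0600] "GET '
     '/sms/login/emailpwd?uname=alice&email= HTTP/1.1" 200 5608 "-" "Mozilla/4.0" "-"']

if __name__ == "__main__":
    code, text = nagios_status(find_bursts(SAMPLE))
    print(text)
    raise SystemExit(code)
```

Run as a real check, the script would also have to remember where it stopped reading between runs so that old entries are not counted again.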