forked from dinuschen/fetchlog
file: README.Nagios
author: Alexander Haderer
date: 17 Jun 2010
cvs: $Id: README.Nagios,v 1.4 2010/06/23 09:48:09 afrika Exp $
README NAGIOS SETUP
This file describes how to set up Nagios to monitor local or remote
logfiles. Nagios is network monitoring software and can be found at
http://www.nagios.org .
For remote monitoring Nagios requires the plugin check_snmp to work,
which uses NET-SNMP tools. NET-SNMP is a collection of SNMP utilities
and can be found at http://www.net-snmp.org .
For remote logfile monitoring you can use NRPE as an alternative. See
the Nagios docs for details; it is not described here.
Since Nagios3 the output format for Nagios plugins has changed. Nagios now
supports a new multiline output; fetchlog supports Nagios 3 since version
1.3. This setup works for Nagios 1, 2 and 3.
HOW TO
1. install
Install fetchlog, Nagios and Nagios-plugins. If you want to
monitor remote logfiles, install a plugin package which contains
'check_snmp'.
2. find proper fetchlog options
Use logger(1) to create logfile messages for testing. Dry run
fetchlog from the command line to find the proper configuration options
by fetching the created messages:
    fetchlog -f 1:80:1000: /var/log/messages /tmp/msg.bm
To skip the date-time stamp and hostname, increase firstcol: Nagios will
store that data for you, too. Save further space by setting lastcol
to 75.
The maximum value for len is 330 for Nagios 1+2; for Nagios3 it is
4000 with local logfiles and 1000 when using net-snmp for remote
logfiles. When using higher values information gets lost!
This is because of a limitation in Nagios' / SNMP's internal data
structures. Nagios 3 has a new format for multiline messages, which
fetchlog supports by using conversion option '3'.
3. Nagios config files:
fetchlog comes with config files for Nagios 1..3:
    fetchlog.cfg          --> check commands for services
    fetchlog_service.cfg  --> service template definition
    notify.cfg.example    --> example notification command
Depending on your Nagios version and config file layout do:
* Nagios with central config files, no '.../etc/conf.d/'
directory, no '.../nagios-plugins/config/' directory:
    Nagios file          Action
    --------------------------------------------------------------------
    checkcommands.cfg    append contents from fetchlog.cfg
    services.cfg         prepend contents from fetchlog_service.cfg
* Nagios with multiple config files in '.../etc/conf.d/', in
'.../nagios-plugins/config' directory and elsewhere:
- move fetchlog.cfg to '.../nagios-plugins/config/'
- move fetchlog_service.cfg to '.../nagios/conf.d/'
4. Nagios 3 config: new service check command
Since Nagios3 the plugin output format has changed: plugins now support
multiline output directly. Former Nagios versions accepted fetchlog's
multilines generated by '\' + 'n' as one line. Since Nagios3 this no
longer works; Nagios3 reads this format as multiple lines. See
http://nagios.sf.net/docs/3_0/pluginapi.html for details.
The Nagios3 default notification command 'notify-service-by-email' found
in file 'commands.cfg' does not send out the extra lines
(set in $LONGSERVICEOUTPUT$). To receive all fetched lines, add the
variable $LONGSERVICEOUTPUT$ to the email message or replace
notify-service-by-email with the version from notify.cfg.example.
5. Remote monitoring using SNMP:
See README.SNMP for how to set up and test snmpd with fetchlog.
6. Nagios config check
Change to the Nagios home dir and check the new Nagios config
by running:
    nagios -v etc/nagios.cfg
7. Add new services
----------------------------------------------
examples for Nagios without multiline support:
----------------------------------------------
NOTE: If you use these configs with Nagios 3, you will only see one
empty line in Nagios and in the emails sent out. Use the multiline
commands shown below instead.
# local logfile service
# monitor messages in /var/log/messages, pick only lines containing
# 'kernel:', read from column 45 up to and including 120. Use 'kern' as
# filename for bookmark. Use single line format prior to Nagios 3
define service{
    use                  fetchlog-service
    host_name            itsme
    service_description  kernel messages
    contact_groups       admins
    check_command        check_fetchlog!/var/log/messages!45!120!kern!kernel:
}
# remote logfile service using snmp
# monitor messages from remotehost 'otherone' using SNMP, use SNMP
# secret 'donttell', read the 2nd exec entry configured in
# otherone's snmpd.conf, use label 'messages' for output
# The singleline format is configured in otherone's snmpd.conf,
# fetchlog conversion option 'no', see README.SNMP
define service{
    use                  fetchlog-service
    host_name            otherone
    service_description  logfile messages
    contact_groups       admins
    check_command        check_fetchlog_snmp!donttell!2!messages
}
----------------------------------------------
examples for Nagios with multiline support:
----------------------------------------------
NOTE: If you use these configs with Nagios <3, you will see
somewhat scrambled messages: the first line is a copy of the
last line, having a '|' appended. Use the non-multiline commands
from above instead.
# local logfile service
# monitor messages in /var/log/messages, pick only lines containing
# 'kernel:', read from column 45 up to and including 120. Use 'kern' as
# filename for bookmark. Use multiline format for Nagios 3
define service{
    use                  fetchlog-service
    host_name            itsme
    service_description  logfile messages
    contact_groups       admins
    check_command        check_fetchlog_ml!/var/log/messages!45!120!kern!kernel:
}
# remote logfile service using snmp
# monitor messages from remotehost 'otherone' using SNMP, use SNMP
# secret 'donttell', read the 2nd exec entry configured in
# otherone's snmpd.conf, use label 'messages' for output
# The multiline format is configured in otherone's snmpd.conf,
# fetchlog conversion option '3', see README.SNMP
define service{
    use                  fetchlog-service
    host_name            otherone
    service_description  logfile messages
    contact_groups       admins
    check_command        check_fetchlog_snmp!donttell!2!messages
}
8. Nagios config check & restart
Change to the Nagios home dir and check the new Nagios config by running:
    nagios -v etc/nagios.cfg
If everything is ok restart Nagios via Web. Test your new config by
creating some log messages. Look in Nagios logfile. Watch your email.
Happy monitoring!
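Added example (not part of fetchlog or of the original README): a Python model of the len limits from step 2 and of the Nagios 3 output split from step 4, showing which fetched lines end up in $SERVICEOUTPUT$ and which in $LONGSERVICEOUTPUT$. The function names, the setup keys, the '-f' field order firstcol:lastcol:len:conversion and the sample log lines are assumptions made for illustration.

```python
# Added example; the sample plugin output is constructed, not real fetchlog output.

# Maximum 'len' per setup, as stated in step 2 of this README.
MAX_LEN = {"nagios1_2": 330, "nagios3_local": 4000, "nagios3_snmp": 1000}


def parse_fetch_spec(spec):
    """Parse a '-f' value; assumed order firstcol:lastcol:len:conversion."""
    firstcol, lastcol, length, conv = spec.split(":")
    return int(firstcol), int(lastcol), int(length), conv


def len_within_limit(spec, setup):
    """True if the spec's len does not exceed the README limit for setup."""
    return parse_fetch_spec(spec)[2] <= MAX_LEN[setup]


def split_plugin_output(raw):
    """Return (service_output, long_service_output, perfdata), Nagios 3 style."""
    lines = raw.rstrip("\n").split("\n")
    # First line: text before '|' is the short output, the rest is perfdata.
    short, _, perf_first = lines[0].partition("|")
    long_lines, perf, in_perf = [], [perf_first.strip()], False
    for line in lines[1:]:
        if in_perf:
            perf.append(line.strip())
        elif "|" in line:
            # A '|' in a later line ends the long output and starts perfdata.
            text, _, rest = line.partition("|")
            long_lines.append(text.rstrip())
            perf.append(rest.strip())
            in_perf = True
        else:
            long_lines.append(line)
    return short.strip(), "\n".join(long_lines), " ".join(p for p in perf if p)


# Constructed sample in the shape the README describes for multiline mode:
# the first line is a copy of the last fetched line with '|' appended.
SAMPLE = (
    "kernel: eth0: link down|\n"
    "kernel: eth0: link up\n"
    "kernel: eth0: link down\n"
)

if __name__ == "__main__":
    short, long_out, _ = split_plugin_output(SAMPLE)
    print("$SERVICEOUTPUT$     =", short)
    print("$LONGSERVICEOUTPUT$ =", long_out.replace("\n", " / "))
```

A notification command that only includes $SERVICEOUTPUT$ would mail just the first value printed here, which is why step 4 adds $LONGSERVICEOUTPUT$.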
SEE ALSO
Nagios - A network monitoring system formerly known as Netsaint
http://www.nagios.org
NET-SNMP - Various tools relating to the Simple Network
Management Protocol SNMP (NET-SNMP: formerly known as UCD-SNMP)
http://www.net-snmp.org
LEGAL
Nagios is a registered trademark of Ethan Galstad
EOF