Nagios Log Checking – Check Log Files in Unix Effectively


Nagios Log File Checking: Monitoring log data files utilizing Nagios can be just as hard as it is with any other monitoring application. Nonetheless, with Nagios, once you have a log monitoring script or device that can keep an eye on a unique log file the way you want it monitored, Nagios can be relied on to deal with the rest. This style of versatility is what will make Nagios just one of the most well-liked and person welcoming monitoring application that there is out there. It can be utilized to proficiently keep track of just about anything. Personally, I like it. It has no equal!

My identify is Jacob Bowman and I work as a Nagios Checking professional. I’ve occur to understand, given the variety of requests I acquire at my work to watch log documents, that log file monitoring is a major deal. IT departments have the ongoing will need to monitor their UNIX log data files in order to make sure that software or technique difficulties can be caught in time. When problems are regarded about, unplanned outages can be avoided altogether.

But the frequent concern often requested by quite a few is, what checking software is offered that can proficiently keep track of a log file? The simple remedy to this query is NONE! The log checking purposes that does exist require way far too considerably configuration, which in result renders them not worthy of consideration.

Log checking ought to allow for for pluggable arguments on the command line (in its place of in individual config information) and ought to be very easy for the ordinary UNIX user to realize and use. Most log checking instruments are not like this. They are typically intricate and call for time to get familiar with (via examining endless web pages of set up setups). In my feeling, this is unwanted problems that can and really should be avoided.

All over again, I strongly believe, in buy to be efficient, 1 have to be in a position to run a software directly from the command line devoid of needing to go somewhere else to edit config documents.

So the ideal resolution, in most circumstances, is to both generate a log checking device for your unique needs or down load a log monitoring application that has previously been published for your sort of UNIX atmosphere.

At the time you have that log monitoring tool, you can give it to Nagios to run at any time, and Nagios will plan it to be kicked off at regular intervals. If right after managing it at the set intervals, Nagios finds the troubles/styles/strings that you tell it to look at for, it will warn and send out out notifications to whoever you want them sent to.

But then you ponder, what style of log monitoring instrument must you generate or down load for your natural environment?

The log checking plan that you need to get to watch your manufacturing log files need to be as very simple as the underneath but need to nonetheless continue being powerfully functional:

Instance: logrobot /var/log/messages 60 ‘error’ ‘panic’ 5 10 -foundn

Output: 2—1380—352—ATWF—(Mar/1)-(16:15)—(Mar/1)-(17:15:00)


The “-foundn” solution lookups the /var/log/messages for the strings “error” and “stress”. The moment it finds it, it’ll both abort with an (for Alright), 1(for WARNING) or 2(for Important). Each time you operate that command, it will present a one particular line statistic report related to that in the previously mentioned Output. The fields are delimited by the “—“.

1st field is 2 = which indicates, this is significant.

2nd industry is 1380 = quantity of seconds considering the fact that the strings you specified past happened in the log.

3rd subject is 352 = there ended up 352 occurrences of the string “error” and “stress” discovered in the log within the last 60 minutes.

4th discipline is ATWF = Will not be concerned about this for now. Irrelevant.

5th and 6th field usually means = The log file was searched from (Mar/1)-(16:15) to (Mar/1)-(17:15:00). And from the information gathered from that timeframe, 352 occurrences of “mistake” and “stress” had been uncovered.

If you would in fact like to see all 352 occurrences, you can run the down below command and pass the “-show” alternative to the logrobot software. This will output to the monitor all matching strains in the log that have the strings you specified and that have been published to the log within just the previous 60 minutes.

Instance: logrobot /var/log/messages 60 ‘error’ ‘panic’ 5 10 -show

The “-show” command will output to the display all the lines it finds in the log file that has the “mistake” and “stress” strings inside the earlier 60 moment time body you specified. Of class, you can usually transform the parameters to in shape your certain requires.

With this Nagios Log Monitoring tool (logrobot), you can complete the magic that the major identify popular checking applications can not appear shut to accomplishing.

At the time you compose or download a log monitoring script or resource like the a person over, you can have Nagios or CRON run it on a regular foundation which will in switch empower you to retain a bird’s eye look at on all the logged actions of your significant servers.

Do you have to use Nagios to operate it on a frequent foundation? Certainly not. You can use no matter what you want.

Leave a Reply