Log Check Error Log File /var/log/messages Is Not Readable
Contents |
for Help Receive Real-Time Help Create a Freelance Project Hire for a Full Time Job Ways to Get Help Ask a Question Ask for Help Receive Real-Time Help Create a Freelance Project Hire for a Full Time Job Ways to Get Help Expand Search Submit Close Search Login nagios check_log query Join Today Products BackProducts Gigs Live Careers Vendor Services Groups Website Testing Store Headlines Experts Exchange
Nagios Check Log File For String
> Questions > Nagios nrpe cannot read log file Want to Advertise Here? Solved Nagios nrpe cannot read log file Posted on 2009-05-12
Check_logfiles
Linux 1 Verified Solution 27 Comments 3,021 Views 1 Ratings Last Modified: 2012-06-27 I have a Nagios server 3.0.6 running on Ubuntu 8.04 Server. It is monitoring all things except the one below on multiple targets fine. On a certain target, I am trying to monitor my /var/log/auth.log file for bad activity, such as failed password attempts, or attempts to login as invalid users, etc. I am trying to do this via the check_log plugin via nrpe, but, I get a "Log check error: Log file /var/log/auth.log is not readable!" when the server checks on it. The easiest way I have to reproduce the error is the following manually executed command from the host server: /usr/local/nagios/libexec/check_nrpe -H target -c check_badpw I know that it means that the file cannot be opened during the check, but, I don't understand why. ls -l of /var/log/auth.log: -rw-r----- 1 syslog adm 1590863 2009-05-12 10:47 /var/log/auth.log In /etc/groups, I have added the "nagios" user to the adm group, so it should work. Further, if I am logged in as root on the target, and do "su nagios", I can read /var/log/auth.log Further, if I "chmod o+r /var/log/auth.log", the command executes properly. Additionally, when I am logged into the target as root, and su to nagios and execute the command as defined in nrpe.cfg: /usr/local/nagios/libexec/check_log -F /var/log/auth.log -O /usr/local/nagios/auth.badpasswords.log -q ": Failed password for" it works fine. So, I know it will work if I loosen the permissions on /var/log/auth.log, but, I'd prefer to keep them as tight as possible. How can I determine why the check_nrpe command does not allow for reading of the /var/log/auth.log file on the target machine? 1 Question by:tomn2tsr Facebook Twitter LinkedIn Google Best Solution bytomn2tsr It turns out that /etc/xinetd.d/nrpe needed to contain the line: groups = yes so that xinetd would apply the group membership permissions as well. Go to Solution 27 Comments LVL 30 Overall: Level 30 Linux 22 Message Expert Comment by:Kerem ERSOY2009-05-12 First of all to thest it use su - nagios not su nagios because when you do su naigos you don't switch e
Introduction Target Audience System Logs Authorization Log Daemon Log Debug Log Kernel Log Kernel Ring Buffer System Log Application Logs Apache HTTP Server Logs CUPS Print System Logs Rootkit Hunter Log Samba SMB Server Logs X11 Server Log Non-Human-Readable Logs Login Failures Log Last Logins Log Login Records Log System Logging Daemon (syslogd) Configuration of syslogd Echoing Messages to syslogd With Logger Log Rotation Essential Commands Getting Started Editing Files Viewing Files Viewing the Beginning of Files Viewing the End of Files Watching a Changing File Searching Files Resources Local System Resources WWW Resources Introduction One of the things https://www.experts-exchange.com/questions/24401503/Nagios-nrpe-cannot-read-log-file.html which makes GNU/Linux a great operating system is that virtually anything and everything happening on and to the system may be logged in some manner. This information is invaluable for using the system in an informed manner, and should be one of the first resources you use to trouble-shoot system and application issues. The logs can tell you almost anything you need to know, https://help.ubuntu.com/community/LinuxLogFiles as long as you have an idea where to look first. Your Ubuntu system provides vital information using various system log files. These log files are typically plain ASCII text in a standard log file format, and most of them sit in the traditional system log subdirectory /var/log. Many are generated by the system log daemon, syslogd on behalf of the system and certain applications, while some applications generate their own logs by writing directly to files in /var/log. This guide talks about how to read and use several of these system log files, how to use and configure the system logging daemon, syslogd, and how log rotation works. See the Resources section for additional information. Target Audience This guide will be simple enough to use if you have any experience using the console and editing text files using a text editor. See the end of this document for some essential commands that may help you find your way around these files if you're relatively new to the command line. System Logs System logs deal primarily with the functioning of the Ubuntu system, not necessarily with additional applications added by users. Exam
experts show you how Nagios can help your organization. Register Now Contact Us Phone: 1-888-NAGIOS-1 Email: sales@nagios.com Login Username Password Remember Me Create an account Forgot your username? Forgot your password? RSS Feeds New Listings Updated https://exchange.nagios.org/directory/Plugins/Operating-Systems/Solaris/Check-the-messages-file-for-errors/details Listings Directory Quicklinks Home All Categories Add Listing New Listings Recently Updated Listings http://stackoverflow.com/questions/2373212/how-do-i-use-nagios-to-monitor-a-log-file Most Favoured Listings Featured Listing Most Popular Listings Most Rated Listings Top Rated Listings Most Reviewed Listings Check the messages file for errors Submit reviewRecommendPrintClaimRating1 vote Favoured: 0 OwnernagiosexchangeHits153320Files:FileDescriptioncheck_messages_file.shCheck Solaris messages file Check for errors in the messages fileThis is a log check script that is very basic but works very well for the log file majority of hardware issues. The only downside is that it doesn't create a compare file as the check_log script does and will not auto clear until the next day (or if you fix it and rotate the log file) This script also checks if the OS is Solaris or linux and if it is a linux box it will scan the /var/log/messages instead of the /var/adm/messages file log check error I have yet to see any alerts from my Linux boxes so I cannot verify how well that works! Reviews (1) Permission Errorbymtarkowski, November 1, 2012 Will not work for me. I get the following error: egrep: /var/log/messages: Permission denied OK - No major errors found in messages file. I tried changing the file messages file owner, group, and permissions but no luck. Awards: Sitemap: Home About Case Studies Testimonials Customers Company Info Contact Us Legal Terms of Use Privacy Policy Trademarks Network: Nagios Enterprises Nagios Support Nagios Library Nagios Project Nagios Exchange Nagios Labs More Sites [+] Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. The files and information on this site are the property of their respective owner(s). Nagios Enterprises makes no claims or warranties as to the fitness of any file or information on this website, for any purpose whatsoever. In fact, we officially disclaim all liability. We do, however, think these community contributions are pretty damn cool. Website Copyright © 2009-2016 Nagios Enterprises, LLC. All rights reserved. Privacy Policy Trademarks Terms of Use
here for a quick overview of the site Help Center Detailed answers to any questions you might have Meta Discuss the workings and policies of this site About Us Learn more about Stack Overflow the company Business Learn more about hiring developers or posting ads with us Stack Overflow Questions Jobs Documentation Tags Users Badges Ask Question x Dismiss Join the Stack Overflow Community Stack Overflow is a community of 6.2 million programmers, just like you, helping each other. Join them; it only takes a minute: Sign up How do I use Nagios to monitor a log file up vote 22 down vote favorite 9 We are using Nagios to monitor our network with great success. However, we have a syslog for critical application errors and while I set up check_log, it doesn't seem to work as well as monitering a device. The issues are: It only shows the last entry There doesn't seem to be a way to acknowledge the critical error and return the monitor to a good state Is nagios the wrong tool, or are we just not setting up the service monitering right? Here are my entries # log file define command{ command_name check_log command_line $USER1$/check_log -F /var/log/applications/appcrit.log -O /tmp/appcrit.log -q ? } # Define the log monitering service define service{ name logfile-check ; use generic-service ; check_period 24x7 ; max_check_attempts 1 ; normal_check_interval 5 ; retry_check_interval 1 ; contact_groups admins ; notification_options w,u,c,r ; notification_period 24x7 ; register 0 ; } define service{ use logfile-check host_name localhost service_description CritLogFile check_command check_log } logfiles nagios share|improve this question edited Mar 3 '10 at 17:51 asked Mar 3 '10 at 16:54 Kenoyer130 1,88942654 Can you post a copy of your service check and your check command? –Bill B Mar 3 '10 at 17:26 add a comment| 6 Answers 6 active oldest votes up vote 3 down vote accepted As there are many ways to achieve a goal, there is also a nice plugin from Consol available: https://labs.consol.de/lang/en/nagios/check_logfiles/ supports regex supports log rotation To use it, you need a cfg file, this is an example for oracle databases @searches = ({ tag => 'oraalerts', options => 'sticky=28800', logfile => '/u01/app/oracle/diag/rdbms/davmdkp/DAVMDKP1/trace/alert_DAV