Home Directory Plugins Log Files check_timed_logs

Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

check_timed_logs

Rating
3 votes
Favoured:
0
Current Version
1.0.2
Last Release Date
2013-10-07
Compatible With
  • Nagios 3.x
License
GPL
Hits
48025
Files:
FileDescription
check_timed_logs.plcheck_timed_logs.pl
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Script searches a text file for the appearance of a given RegEx within a given time period.
Using additional parameters you can adjust: Time string format,
time string position, number of pattern matches required to be "successful".
Script searches a text file for the appearance of a given RegEx within a given time period.
Using additional parameters you can adjust: Time string format,
time string position, number of pattern matches required to be "successful",

REQUIRES: perl-Time-Piece perl-File-ReadBackwards ON RHEL-based systems you can run: yum install perl-Time-Piece perl-File-ReadBackwards


Return Values for NRPE:
OK - There are only 0 instances of $pattern in the last $interval minutes (0)
CRITICAL - There are $hits instances of $pattern in the last $interval minutes (2)
WARNING - There are $hits instances of $pattern in the last $interval minutes (1)
UNKNOWN - There were no files matching the passed filename (3)

check_timed_logs.pl -h

Usage: check_timed_logs.pl
-pattern
-logfile
-interval
[-timepattern ]
[-warning|w ] [-critical|c ]
[-timeposition ]

To allow for rotating logfiles, any file that matches the passed filename and was changed within the passed interval is checked. e.g. If you pass /var/log/applog, this could match /var/log/applog.0, /var/log/applog.old and so on. However, it does not handle compressed (e.g. gzip/bzip) files.

Default time pattern is: %Y-%m-%d %H:%M:%S => 2012-12-31 17:20:40
Example Time patterns (from a RHEL system):
BSD/Syslog: %b %d %H:%M:%S => Dec 31 17:20:40
Apache Logs: %d/%b/%Y:%H:%M:%S (with -timeposition 3) => 31/Dec/2012:17:20:40
Websphere Logs: %d-%b-%Y %I:%M:%S %p => 31-Dec-2012 05:20:40 PM
Nagios logs: %s => 1361260238 (seconds since 01-01-1970)
For a posix time format documentation check out: http://linux.die.net/man/3/strftime

Default warning/critical threshold of pattern matches to find is: 1 -> unless you change this, you will only get OK or CRITICAL, but never WARNING

Default time position is 0
Time Position: each line is split into an array of strings on the space character, this provides the index for the first time string.
Note: If the line starts with the time, that means we start at index 0.

The values for interval and warning/critical need to be larger than zero


CHANGELOG:
1.0 2013-02-19 - initial version
1.0.1 2013-02-27 - fixed false variable reference
1.0.2 2013-10-07 - integrated threshold-comparison fix by Christoph Tavan - thanks ;)
Reviews (1)
byCitrus07, April 10, 2013
I'm trying to do a search of strings with a DATE Field in the first column, but in my case, the log file i'm searching is a mix of information/logging with and without the timestamp as first field.. My search is succesful only if the last lines contain the timestamp, otherwise it gives me this error

Error parsing time at /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/Time/Piece.pm line 465.