Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
check_timed_logs
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
Using additional parameters you can adjust: Time string format,
time string position, number of pattern matches required to be "successful".
Script searches a text file for the appearance of a given RegEx within a given time period.
Using additional parameters you can adjust: Time string format,
time string position, number of pattern matches required to be "successful",
REQUIRES: perl-Time-Piece perl-File-ReadBackwards ON RHEL-based systems you can run: yum install perl-Time-Piece perl-File-ReadBackwards
Return Values for NRPE:
OK - There are only 0 instances of $pattern in the last $interval minutes (0)
CRITICAL - There are $hits instances of $pattern in the last $interval minutes (2)
WARNING - There are $hits instances of $pattern in the last $interval minutes (1)
UNKNOWN - There were no files matching the passed filename (3)
check_timed_logs.pl -h
Usage: check_timed_logs.pl
-pattern
-logfile
-interval
[-timepattern]
[-warning|w] [-critical|c ]
[-timeposition]
To allow for rotating logfiles, any file that matches the passed filename and was changed within the passed interval is checked. e.g. If you pass /var/log/applog, this could match /var/log/applog.0, /var/log/applog.old and so on. However, it does not handle compressed (e.g. gzip/bzip) files.
Default time pattern is: %Y-%m-%d %H:%M:%S => 2012-12-31 17:20:40
Example Time patterns (from a RHEL system):
BSD/Syslog: %b %d %H:%M:%S => Dec 31 17:20:40
Apache Logs: %d/%b/%Y:%H:%M:%S (with -timeposition 3) => 31/Dec/2012:17:20:40
Websphere Logs: %d-%b-%Y %I:%M:%S %p => 31-Dec-2012 05:20:40 PM
Nagios logs: %s => 1361260238 (seconds since 01-01-1970)
For a posix time format documentation check out: http://linux.die.net/man/3/strftime
Default warning/critical threshold of pattern matches to find is: 1 -> unless you change this, you will only get OK or CRITICAL, but never WARNING
Default time position is 0
Time Position: each line is split into an array of strings on the space character, this provides the index for the first time string.
Note: If the line starts with the time, that means we start at index 0.
The values for interval and warning/critical need to be larger than zero
CHANGELOG:
1.0 2013-02-19 - initial version
1.0.1 2013-02-27 - fixed false variable reference
1.0.2 2013-10-07 - integrated threshold-comparison fix by Christoph Tavan - thanks ;)
Using additional parameters you can adjust: Time string format,
time string position, number of pattern matches required to be "successful",
REQUIRES: perl-Time-Piece perl-File-ReadBackwards ON RHEL-based systems you can run: yum install perl-Time-Piece perl-File-ReadBackwards
Return Values for NRPE:
OK - There are only 0 instances of $pattern in the last $interval minutes (0)
CRITICAL - There are $hits instances of $pattern in the last $interval minutes (2)
WARNING - There are $hits instances of $pattern in the last $interval minutes (1)
UNKNOWN - There were no files matching the passed filename (3)
check_timed_logs.pl -h
Usage: check_timed_logs.pl
-pattern
-logfile
-interval
[-timepattern
[-warning|w
[-timeposition
To allow for rotating logfiles, any file that matches the passed filename and was changed within the passed interval is checked. e.g. If you pass /var/log/applog, this could match /var/log/applog.0, /var/log/applog.old and so on. However, it does not handle compressed (e.g. gzip/bzip) files.
Default time pattern is: %Y-%m-%d %H:%M:%S => 2012-12-31 17:20:40
Example Time patterns (from a RHEL system):
BSD/Syslog: %b %d %H:%M:%S => Dec 31 17:20:40
Apache Logs: %d/%b/%Y:%H:%M:%S (with -timeposition 3) => 31/Dec/2012:17:20:40
Websphere Logs: %d-%b-%Y %I:%M:%S %p => 31-Dec-2012 05:20:40 PM
Nagios logs: %s => 1361260238 (seconds since 01-01-1970)
For a posix time format documentation check out: http://linux.die.net/man/3/strftime
Default warning/critical threshold of pattern matches to find is: 1 -> unless you change this, you will only get OK or CRITICAL, but never WARNING
Default time position is 0
Time Position: each line is split into an array of strings on the space character, this provides the index for the first time string.
Note: If the line starts with the time, that means we start at index 0.
The values for interval and warning/critical need to be larger than zero
CHANGELOG:
1.0 2013-02-19 - initial version
1.0.1 2013-02-27 - fixed false variable reference
1.0.2 2013-10-07 - integrated threshold-comparison fix by Christoph Tavan - thanks ;)
Reviews (1)
byCitrus07, April 10, 2013
I'm trying to do a search of strings with a DATE Field in the first column, but in my case, the log file i'm searching is a mix of information/logging with and without the timestamp as first field.. My search is succesful only if the last lines contain the timestamp, otherwise it gives me this error
Error parsing time at /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/Time/Piece.pm line 465.
Error parsing time at /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/Time/Piece.pm line 465.