Build precise queries to find exactly what you need
Press ESC to close
Your review has been submitted and is pending approval.
So How can we know the IIS server is responding to all petitions? Well I found a way to go directly in the IIS log files and get the results from there. They key was logparser Its very usefull to monitor, if the site is acting wierd or is being attacked by hackers the thresholds should go off. The script is integrated with nagios and called using the Nagios Agent NC_NET it should also work with NRPE_NT BEWARE:It takes the current hour as argument so it almost real-time check. The script output should be something like: WARNING – 39 errors type 404 on site SitePremium |IIS Erros: 39, 5, 20 Syntax: cscript checkiis.vbs -s SiteName -t Tipo de Erro -w warning -c critical Example: cscript checkiis.vbs -s myweb -t 404 -w 50 -c 100 -h [--help] Help. -s sitename Website name in IIS 6 -t ErrorType IIS errortype:400,404,501,500 etc…
Current Version
5.0
Last Release Date
2010-06-16
Owner
felipeferreira
Website
http://www.felipeferreira.net
Download URL
http://xoroz.com/files/scripts/nagios/checkiis.txt
Compatible With
It should also graph the results. I am querying 2GB log files with great times around, 10-15 seconds.
I have tested with Windows 2003, IIS 6 running under the directory c:scripts be sure to create c:scriptslogs The log is optional and it can be set from within the script.
Call from nagios or from command line using NC_NET: C:PROGRA~1MontitechNC_Netscriptcheckiis.vbs //nologo -s SitePremium -t 404 -w 5 -c 20
The script output should be something like: WARNING – 39 errors type 404 on site SitePremium |IIS Erros: 39, 5, 20
Syntax: cscript checkiis.vbs -s SiteName -t Tipo de Erro -w warning -c critical Example: cscript checkiis.vbs -s myweb -t 404 -w 50 -c 100 -h [--help] Help. -s sitename Website name in IIS 6 -t ErrorType IIS errortype:400,404,501,500 etc…
The query I am executing is very dynamicly built but should look something like: select date as Date, QUANTIZE(time, 3600) AS Hour, sc-status as Status, count(*) AS ErrorCount from ‘E:Logs-SitesSitePremiumW3SVC1523476301ex100521.log’ to ‘c:scriptslogsLogs_SitePremium.csv’ WHERE sc-status = 404 AND Hour = ‘15:00:00? GROUP BY date, hour,sc-status HAVING ErrorCount > 5 ORDER BY ErrorCount DESC
To get more detail of the erros you could execute the query (using logparser) it will output each URL associated with the errocode. select date as Date, QUANTIZE(time, 3600) AS Hour, sc-status as Status,cs-uri-stem as URL, count(*) AS ErrorCount from ‘E:Logs-SitesSitePremiumW3SVC246720831ex100521.log’ to ‘c:scriptslogsSitePremium500.csv’ WHERE sc-status >= 500 GROUP BY date, hour,sc-status,cs-uri-stem HAVING ErrorCount > 30 ORDER BY ErrorCount DESC
You must be logged in to submit a review.
To:
From: