Monitor Log Files via Crontab & Receive Email Notifications

 

To set up log file monitoring checks via CRONTAB and receive Email Notifications on those checks, see below:
 

 

root@nagios-primary ~# ./nlm  localhost:email  logrobot  autonda  /var/log/messages  1h  'kernel'  'timed out'  1  2  -ndshow  Kernel_Timeouts  Support@Logrobot.com

 

  • You can place the above command in Cron to run as often as you want it to

  • The name given to this particular log check is "Kernel_Timeouts"

    • The subject of the email alerts you receive will be similar to any of these:

  • CRITICAL:  [ Kernel_Timeouts ] localhost Log Scan [ ISSUES ].

  • WARNING:  [ Kernel_Timeouts ] localhost Log Scan [ ISSUES ].

  • OK:  [ Kernel_Timeouts ] localhost Log Scan [ RECOVERY ].

 

 

 

 

Monitor the [ /var/log ] Directory

  • Watch for files that were recently updated within [ 5 ] hours

  • If/When those files are found, scan them, watch for entries containing [ "ERROR" ]

  • If less than [ 15 ] entries are found containing [ "ERROR" ], do not alert - this is not an issue

  • If more than or equal to [ 15 ] entries are found, but less than [ 20 ], alert as WARNING

  • If more than or equal to [ 20 ] entries are found, alert as CRITICAL

  • If the above threshold is breached, send an email alert to the address [ logrobotTool@Gmail.com ]

  • In the alert show only the file(s) found in the [ /var/log ] directory that contained the [ "ERROR" ] string

 

Log Monitoring Example:

 

root@nagios-primary ~# ./nlm  monitor-01.net:email  logrobot  autoblz  /var/log  5h  'ERROR'  '.'  15  20  grahite_access_dirk14  -ndshow  logrobotTool@Gmail.com

 

Email Screen Shots of Log Monitoring Checks:

 

 

 

 

 

 

 

 

 

 

Back to Top

Copyright        |        Restrictions        |        Licensed Product        |        Grant of License        |        License Agreement