Powerful, Robust, Versatile, Multi-Featured Log Monitoring tool for Nagios
Using LoGrobot with Nagios (nrpe)
define command {
command_name nrpe_args
command_line $USER1$/check_nrpe -t 20 -n -u -H $HOSTNAME$ -c $ARG1$ -a $ARG2$
}
OR
define command {
command_name nrpe_args
command_line $USER1$/check_nrpe -t 20 -n -u -H $HOSTADDRESS$ -c $ARG1$ -a $ARG2$
}
define service {
check_command nrpe_args!logxray!'localhost /var/tmp/logXray autonda /opt/apps/alert.log 60m 'ERROR' '.' 5 5 tomcat_logchk -ndshow'
service_description PLM LogCheck - Tomcat
notifications_enabled 0
max_check_attempts 1
check_interval 60
contact_groups retail-group
host_name monitor-01.logrobot.com,monitor-02.logrobot.com,monitor-03.logrobot.com
use unix_service
}
command[logxray]=/usr/lib64/nagios/plugins/logxray $ARG1$
1). scp the LoGrobot/LoGXray package to the remote node(s)
2). Go to the remote node you just scped the logXray zip file to (ssh to it)
3). unzip the LoGrobot/LoGxray package
4). cd to the logXray directory, then run the following command:
./install.sh /var/tmp/logXray /bin -force (you can replace '/bin' with your actual nagios plugins directory)
./check_nrpe -t 40 -n -u -H (ip-of-one-of-your-remote-nodes) -c check_unix_logs -a 'localhost /var/tmp/logXray autonda /opt/apps/alert.log 60m 'ERROR' '.' 5 5 tomcat_logchk -ndshow'
Using LoGrobot with the logXray agent
define command {
command_name NLM
command_line $USER1$/nlm $ARG1$ $HOSTNAME$ $ARG2$ $ARG3$ $ARG4$ "$ARG5$" "$ARG6$" $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$
}
OR
define command {
command_name NLM
command_line $USER1$/nlm $ARG1$ $HOSTADDRESS$ $ARG2$ $ARG3$ $ARG4$ "$ARG5$" "$ARG6$" $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$
}
define service {
check_command NLM!logxray!/var/tmp/logXray!autonda!/var/log/proteus.log!15m!500.html!500 Internal Server Error!1!2!500_Errors!-ndshow
max_check_attempts 1
service_description 500_ERRORS_LOGCHECK
host_name logxray-01.com,logxray-02.com,logxray-03.com
use five-minute-interval
}
1). scp the LoGrobot/LoGXray package to the remote node(s)
2). Go to the remote node you just scped the logXray zip file to (ssh to it)
3). unzip the LoGrobot/LoGxray package
4). cd to the logXray directory, then run the following command:
./install.sh /var/tmp/logXray /bin -force (you can replace '/bin' with your actual nagios plugins directory)
Run another command to spring up the [ logXray agent ] so that your MASTER Nagios server(s) can communicate with it:
./custom_monitoring_agent /var/tmp/logXray 1040 force
i.e:
./custom_monitoring_agent /var/tmp/logXray 1040 10.100.10.111,10.100.10.112 force
5). Verify that the logXray remote agent is up and running:
xray_agent status
---------------------
To verify Email works:
---------------------
nlm logxray :1040:emailing /var/tmp/logXray autonda /var/log/messages 60m '.' '.' 1 2 errors_monwatch -ndfoundn errors_monwatch ,Support@LoGrobot.com
i.e:
nlm logxray nagmoap002.phx.logrobot.com:1040:emailing /var/tmp/logXray autonda /var/log/messages 60m '.' '.' 1 2 errors_monwatch -ndfoundn errors_monwatch Jane.Doe@janedoe.com,Support@LoGrobot.com
-----------------------------------------------------------------------------------------------------------
To verify integration with other Monitoring Application works (Nagios, Zenoss, Zabbix, Sensu, Tivoli...etc):
-----------------------------------------------------------------------------------------------------------
nlm logxray nagmoap002.phx.logrobot.com:1040 /var/tmp/logXray,noextraoutput autonda /var/log/messages 60m '.' '.' 1 2 test_tag2 -ndshow
-----------------------------------------------------------------------------------------------------------
No responses from the nlm command:
-----------------------------------------------------------------------------------------------------------
When you run nlm/logXray with the ":emailing" option, you will not see any output on your terminal. It produces none. You will however receive email notifications instead.
If no email notification is received, make sure the xray_agent is up and running on the remote host on which you're running the nlm command against.
Log File Content
Scan content of log files for new occurrences (or lack thereof) of specific keywords, strings or patterns.
Log File Size
Monitor the sizes of single or multiple log files - alert if log size breaches predefined thresholds.
Log File Growth
Monitor the growth of single or multiple log files - alert when the monitored logs stop receiving new data.
Log File Timestamp
Monitor the timestamp of single or multiple logs. Alert, if logs are older than X amount of minutes or hours.