nagios监控日志脚本check_logfile

nagios 自带的Plugin  check_log监控日志比较单一，对于对日志监控比较高的生产环境下还是不行的。

consol.de 出的check_logfile很不错很强大，支持正则表达式。详细官方说明如下:

http://labs.consol.de/lang/de/nagios/check_logfiles/

我以监控apache日志为例说明下这个怎么用。

wget    http://labs.consol.de/wp-content/uploads/2012/02/check_logfiles-3.4.7.1.tar.gz
tar xf check_logfiles-3.4.7.1.tar.gz
cd check_logfiles-3.4.7.1
./configure –prefix=/usr/local/nagios/ –with-nagios-user=nagios –with-nagios-group=nagios –with-seekfiles-dir=/usr/local/nagios/var/tmp/ –with-protocols-dir=/usr/local/nagios/var/tmp/ –with-perl=/usr/bin/perl –with-gzip=/bin/gzip
make && make install
###########################
#我们利用调用文件来监控，这样方便些
#创建log.conf
vim /usr/local/nagiso/etc/log.conf
@searches = (
{
tag => 'test_http',
logfile => '/var/log/httpd/access_log',
rotation => 'CentOs',
criticalpatterns => [
'.*401\s*571.*',
],
warningpatterns => [
'404'
]
},
);
#具体的详细配置可以看下官方介绍
在nrpe添加
command[check_logfiles]=/usr/local/nagios/libexec/check_logfiles –config=/usr/local/nagios/etc/log.cfg

1
2
1#执行

2

1
2
1/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

2

好了被监控端配置完成了
被监控端services.cfg

1
2
1define service {                 host_name     nagios_test                 service_description     chech_sanlogs              use generic-service,srv-pnp                 check_period                    24x7                 max_check_attempts        4                 normal_check_interval 1                 retry_check_interval 1                 contact_groups                nagcmd                 notification_interval     10                 notification_period         24x7                 notification_options        w,u,c,r                 check_command        check_log!20!check_logfiles              } vim etc/objects/commands.cfg define command{                  command_name check_log                  command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -t $ARG1$ -c $ARG2$                  }

2

1
2
1##重启下nagios,就OK了

2

正常状态：

告警状态

配合下图表看起来更方便