Cheers for the reply guys.

Sadly, as I'm looking after only one of a few sites that each has its own 
Nagios server and all the Windows servers have Nsclient 3.3 installed, I can't 
upgrade the version to support the newer commands as EVERY Windows server in 
the business would then need upgrading as well!

Unless there is a 'use old style commands' switch I can turn on? I didn't see 
one in the .ini file so guessed it wasn't an option.

So I'm still struggling with my issue that the filter+generated=\<1d doesn't 
seem to work right. If I use =\>1d I get loads of returns so it is filtering 
something, but only what appears to be the last month, NOT including the last 
36 hours.

Help?

Thanks again

Tristan

From: Michael Medin [mailto:mich...@medin.name]
Sent: 21 February 2011 13:42
To: nagios-users@lists.sourceforge.net; Tristan Drinkwater
Subject: Re: [Nagios-users] check event log

Hello,

It is generally much, much simpler to use the new SQL-like syntax.
Then you end up writing something which looks a bit like this:

generated > -1d AND severity NOT IN ('success', 'informational')

There is some information on the wiki for how to use this here: 
http://www.nsclient.org/nscp/wiki/CheckEventLog/CheckEventLog

For instance this could be a good starting point:

CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational')" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"

This requires a "modern" (as in 0.3.8) version of NSClient++.

// Michael Medin

2011-02-21 11:27 Tristan Drinkwater wrote:
Morning all (depending where you are in the world..)

I'm trying to catch all error and warning logs from application event folder 
but I'm struggling with the filter+generated bit.

In a nutshell all I want is anything red that happened within the last 24 
hours.

Here is the syntax I'm running from the libexec folder till I get it right:

./check_nrpe -H ip -p 5667 -c CheckEventLog -a filter=in file=application filter.eventType==error filter+generated=\<24h MaxCrit=1

This returns 12 errors. Only 3 of which happened in the last 24 hours.

It seems to be either not using the filter I've detailed or making up its own 
one!!

Can anyone see what I'm doing wrong?

Thanks in advance :)

