Nagios to monitor syslogs


#1

Hi all,

I am currently evaluating Nagios to replace a monitoring system we have in place. Our current monitoring system reads log files, and depending on certain messages we have created filters. Some of the messages invoke automated actions. I would like to know how easy it would be to create a similar setup using Nagios. Also, are there any plugins that parse the syslog files?

Regards,

TP.


#2

You could try SEC. There was a write up about it in SysAdmin magazine a while back.

Google it for more info.


#3

check_log plugin seems to work just fine. I’m parsing log files with it on 10 different Solaris machines.


#4

Would you expand on that answer with information regarding how he might then invoke the automated actions? I assume it would incorporate eventhandlers somehow, but I’m not clear on how this would work overall.

Mike B.


#5

Yes, use eventhandlers to perform the automated response. For example, if you find “httpd down” in the log file, then the eventhandler is fired off, and the daemon is restarted. I don’t really know what you mean by expand on my answer, since eventhandlers are covered in the docs. Please be more specific as to what you are missing.
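
The check_log plus event handler setup discussed in this thread, as an added example that is not part of any of the original posts. The object definitions in the comments, the file paths, the command name `restart-httpd` and the restart command are assumptions; the `$SERVICESTATE$`, `$SERVICESTATETYPE$` and `$SERVICEATTEMPT$` macros are standard Nagios macros.

```shell
#!/bin/sh
# Event handler for a check_log service that goes CRITICAL on "httpd down".
# Assumed Nagios objects (names and paths are hypothetical):
#   define command {
#     command_name  restart-httpd
#     command_line  /usr/local/nagios/libexec/eventhandlers/restart-httpd.sh $SERVICESTATE$ $SERVICESTATETYPE$ $SERVICEATTEMPT$
#   }
#   define service {
#     ...
#     check_command       check_log!/var/log/messages!/var/tmp/messages.old!httpd down
#     max_check_attempts  1
#     event_handler       restart-httpd
#   }

# Fixed restart command (assumption). It is never built from log content,
# so text an outsider can get written to syslog cannot reach the shell.
RESTART_CMD="${RESTART_CMD:-/etc/init.d/httpd restart}"

# Print "restart" or "none" for the given state, state type and attempt.
decide_action() {
    state="$1"; state_type="$2"; attempt="$3"
    # Reject a missing or non-numeric attempt counter instead of guessing.
    case "$attempt" in ''|*[!0-9]*) echo none; return 0 ;; esac
    case "$state" in
        CRITICAL)
            if [ "$state_type" = "HARD" ]; then
                echo restart
            elif [ "$state_type" = "SOFT" ] && [ "$attempt" -ge 3 ]; then
                echo restart   # act before the state turns HARD
            else
                echo none
            fi ;;
        *) echo none ;;        # OK, WARNING, UNKNOWN: leave the daemon alone
    esac
}

# Run the restart when decide_action says so, and report what was done.
handle_event() {
    action=$(decide_action "$1" "$2" "$3")
    if [ "$action" = "restart" ]; then
        $RESTART_CMD >/dev/null 2>&1
    fi
    echo "$action"
}

# Nagios invokes the script with the three macros as arguments.
if [ "$#" -ge 3 ]; then handle_event "$@" >/dev/null; fi
```

The event handler runs as the Nagios user, so restarting a daemon usually needs a narrowly scoped sudo rule for that one command rather than running Nagios as root.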