
nagios插件check_log检查日记关键字



发表于 2019-1-14 06:00:19 | 显示全部楼层 |阅读模式
  插件check_log相关代码如下:
  -----------------------------------------------------------------------------------------
  #! /bin/sh
  #
  # Log file pattern detector plugin for Nagios
  # Written by Ethan Galstad (nagios@nagios.org)
  # Last Modified: 07-31-1999
  #
  # Usage: ./check_log <log_file> <old_log_file> <pattern>
  #
  # Description:
  #
  # This plugin will scan a log file (specified by the <log_file> option)
  # for a specific pattern (specified by the <pattern> option).  Successive
  # calls to the plugin script will only report *new* pattern matches in the
  # log file, since a copy of the log file from the previous run is saved
  # to <old_log_file>.
  #
  # Output:
  #
  # On the first run of the plugin, it will return an OK state with a message
  # of "Log check data initialized".  On successive runs, it will return an OK
  # state if *no* pattern matches have been found in the *difference* between the
  # log file and the older copy of the log file.  If the plugin detects any
  # pattern matches in the log diff, it will return a CRITICAL state and print
  # out a message in the following format: "(x) last_match", where "x" is the
  # total number of pattern matches found in the file and "last_match" is the
  # last entry in the log file which matches the pattern.
  #
  # Notes:
  #
  # If you use this plugin make sure to keep the following in mind:
  #
  #    1.  The "max_attempts" value for the service should be 1, as this
  #        will prevent Nagios from retrying the service check (the
  #        next time the check is run it will not produce the same results).
  #
  #    2.  The "notify_recovery" value for the service should be 0, so that
  #        Nagios does not notify you of "recoveries" for the check.  Since
  #        pattern matches in the log file will only be reported once and not
  #        the next time, there will always be "recoveries" for the service, even
  #        though recoveries really don't apply to this type of check.
  #
  #    3.  You *must* supply a different <old_log_file> for each service that
  #        you define to use this plugin script - even if the different services
  #        check the same <log_file> for pattern matches.  This is necessary
  #        because of the way the script operates.
  #
  # Examples:
  #
  # Check for login failures in the syslog...
  #
  #   check_log /var/log/messages ./check_log.badlogins.old "LOGIN FAILURE"
  #
  # Check for port scan alerts generated by Psionic's PortSentry software...
  #
  #   check_log /var/log/message ./check_log.portscan.old "attackalert"
  #
  # Paths to commands used in this script.  These
  # may have to be modified to match your system setup.
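  # TV: removed PATH restriction. Need to think more about what this means overall:
  # commands invoked below without an absolute path (sed, tail, cut) are then
  # resolved through whatever PATH the caller supplies.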
  #PATH=""
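  # Site-specific addition: the commented-out iconv lines re-encode GBK logs
  # to UTF-8 so that the plugin output is not garbled.
  #iconv -f gbk -t utf8 xh.log > xhutf8.log
  #iconv -f gbk -t utf8 dj.log > djutf8.log

  # Absolute paths to the external commands used by this script.
  ECHO="/bin/echo"
  GREP="/bin/egrep"
  DIFF="/usr/bin/diff"
  TAIL="/usr/bin/tail"
  CAT="/bin/cat"
  RM="/bin/rm"
  CHMOD="/bin/chmod"
  TOUCH="/bin/touch"

  # Program name and directory, derived from $0. $0 is quoted so that an
  # install path containing spaces or glob characters is handled as one word.
  PROGNAME=`/bin/basename "$0"`
  PROGPATH=`echo "$0" | sed -e 's,[\\/][^\\/][^\\/]*$,,'`
  REVISION="1.4.15"

  # Load the shared helpers (STATE_* codes, print_revision, support) before
  # changing directory: PROGPATH may be relative to the caller's directory,
  # and sourcing after the cd would look for utils.sh in the wrong place.
  . "$PROGPATH/utils.sh"

  # NOTE(review): hard-coded, site-specific working directory. The result of
  # cd is not checked; if it fails, relative -F/-O paths are resolved against
  # the caller's directory instead.
  cd /home/syslogin/2.250log/serverlog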
  # Print the three supported invocation forms to stdout, one per line.
  # Reads the global PROGNAME for the program name shown on each line.
  print_usage() {
    for usage_form in "-F logfile -O oldlog -q query" "--help" "--version"; do
      echo "Usage: $PROGNAME $usage_form"
    done
  }
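  # Print the full help text to stdout: the revision line, the usage lines,
  # a one-line description and the support notice.
  # Reads the globals PROGNAME and REVISION; print_revision and support are
  # expected to come from the sourced utils.sh.
  print_help() {
    # Quoted so that a program name containing spaces stays one argument.
    print_revision "$PROGNAME" "$REVISION"
    echo ""
    print_usage
    echo ""
    echo "Log file pattern detector plugin for Nagios"
    echo ""
    support
  }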
  # Require at least one command line argument; otherwise print the usage
  # text and exit with the state code held in STATE_UNKNOWN.
  [ $# -ge 1 ] || {
    print_usage
    exit $STATE_UNKNOWN
  }
  # Grab the command line arguments
  #logfile=$1
  #oldlog=$2
  #query=$3
  # Default exit status. The reporting code at the end of the script assigns
  # exitstatus again before exiting, so a value given with -x/--exitstatus
  # does not decide the final state.
  exitstatus=$STATE_WARNING

  # Walk the argument list. Options that take a value read it from $2 and
  # shift once here; the shift at the bottom of the loop drops the option
  # itself. The loop stops at the first empty argument.
  while [ -n "$1" ]; do
    case "$1" in
      -h | --help)
        print_help
        exit $STATE_OK
        ;;
      -V | --version)
        print_revision $PROGNAME $REVISION
        exit $STATE_OK
        ;;
      -F | --filename)
        logfile=$2
        shift
        ;;
      -O | --oldlog)
        oldlog=$2
        shift
        ;;
      -q | --query)
        query=$2
        shift
        ;;
      -x | --exitstatus)
        exitstatus=$2
        shift
        ;;
      *)
        echo "Unknown argument: $1"
        print_usage
        exit $STATE_UNKNOWN
        ;;
    esac
    shift
  done
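  # Refuse to continue unless the source log file exists and is readable.
  # The expansions are quoted so that a missing -F value is reported here:
  # with an unquoted empty variable the test collapses to `[ ! -e ]`, which
  # is false, and the script would carry on without a log file and end up
  # reporting OK.
  if [ ! -e "$logfile" ]; then
    $ECHO "Log check error: Log file $logfile does not exist!\n"
    exit $STATE_UNKNOWN
  elif [ ! -r "$logfile" ]; then
    $ECHO "Log check error: Log file $logfile is not readable!\n"
    exit $STATE_UNKNOWN
  fi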
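  # Without an old-log path there is nowhere to keep state between runs, so
  # report UNKNOWN instead of continuing with an empty file name.
  if [ -z "$oldlog" ]; then
    $ECHO "Log check error: No old log file specified!\n"
    exit $STATE_UNKNOWN
  fi

  # If the old log file doesn't exist, this must be the first time
  # we're running this test, so copy the current log file over to
  # the old log file and exit.
  # NOTE(review): the copy is created with the process umask; when the source
  # log is access-restricted, keep the old-log location equally restricted.
  if [ ! -e "$oldlog" ]; then
    # A failed copy (e.g. unwritable directory) must not be reported as OK,
    # otherwise every later run would "initialize" again and never alert.
    if ! $CAT "$logfile" > "$oldlog"; then
      $ECHO "Log check error: Cannot write old log file $oldlog!\n"
      exit $STATE_UNKNOWN
    fi
    $ECHO "Log check data initialized...\n"
    exit $STATE_OK
  fi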
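  # The old log file exists, so compare it to the current log now.
  #
  # Create the scratch file that holds the diff output. mktemp is preferred:
  # it chooses an unpredictable name and creates the file itself. Both common
  # install locations are tried.
  tempdiff=""
  for mktemp_cmd in /bin/mktemp /usr/bin/mktemp; do
    if [ -x "$mktemp_cmd" ]; then
      tempdiff=`"$mktemp_cmd" /tmp/check_log.XXXXXXXXXX`
      break
    fi
  done
  if [ -z "$tempdiff" ]; then
    # Fallback without mktemp. A time-based name in /tmp is predictable, so
    # the file is created with noclobber (set -C) under umask 077: the
    # redirection refuses to overwrite a file that already exists, and the
    # new file is private from the moment it is created (no touch-then-chmod
    # window).
    tempdiff="/tmp/check_log.`/bin/date '+%H%M%S'`.$$"
    if ! ( umask 077; set -C; : > "$tempdiff" ) 2>/dev/null; then
      $ECHO "Log check error: Cannot create temporary file $tempdiff!\n"
      exit $STATE_UNKNOWN
    fi
  fi

  # Keep everything from the diff except lines that exist only in the old
  # copy (prefixed with ">"); lines new in the current log are prefixed "<".
  $DIFF "$logfile" "$oldlog" | $GREP -v "^>" > "$tempdiff"

  # Count the number of matching log entries we have.
  # -e keeps a pattern that starts with "-" from being parsed as an option.
  count=`$GREP -c -e "$query" "$tempdiff"`

  # Get the last matching entry in the diff file
  lastentry=`$GREP -e "$query" "$tempdiff" | $TAIL -n 1`

  $RM -f "$tempdiff"

  # Save the current log as the baseline for the next run.
  # NOTE(review): the log is read again here, after the diff above; lines
  # appended between the two reads become part of the baseline without ever
  # having been searched.
  $CAT "$logfile" > "$oldlog"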
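  # Report the result and exit with the matching state.
  # NOTE(review): the original inline comment says "no matches", but the test
  # accepts 0 or 1 matches as OK, so a single matching line never alerts;
  # confirm that this threshold is intended.
  if [ "$count" -lt 2 ]; then
    # First 20 characters of the newest log line, shown as the time of the
    # last check (presumably the timestamp prefix - depends on the log format).
    gj=`$TAIL -n 1 "$logfile" | cut -c 1-20`
    $ECHO "日志正常,检测最后时间是$gj,没有产生关键字眼→→$query"
    exitstatus=$STATE_OK
  else
    # Print the total match count and the pattern. The original also cut the
    # first 21 characters of $lastentry into gj here but never printed it;
    # that unused assignment is dropped.
    $ECHO "警告信息数为:$count 条,产生关键字眼 $query"
    exitstatus=$STATE_CRITICAL
  fi
  exit $exitstatus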
  -----------------------------------------------------------------------------------------
  1,首先定义命令check_log;
  #cd /usr/local/nagios/etc/objects
  #vi commands.cfg
  # 'check_log' command definition
  # Runs the check_log plugin found under $USER1$ (conventionally the plugin
  # directory), passing the service's three arguments as the log file (-F),
  # the old-log state file (-O) and the search pattern (-q). Each macro is
  # double-quoted so that a value containing spaces, such as "nagios error",
  # reaches the plugin as a single argument. The plugin hands $ARG3$ to egrep,
  # so it is interpreted as an extended regular expression.
  define command{
  command_name     check_log
  command_line     $USER1$/check_log -F "$ARG1$" -O "$ARG2$" -q "$ARG3$"
  }
  2,定义监控参数;
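  # Host object that the two log-check services below are attached to.
  define host{
  use  linux-server
  host_name     log-localhost
  alias         the log of localhost
  address    127.0.0.1
  }
  # Alert on the keyword "stop" in /var/log/messages.
  define service{
  use  local-service
  host_name   log-localhost
  service_description   messages日记关键字stop
  check_command        check_log!/var/log/messages!/var/log/messages.arc!stop
  }
  # Alert on the keyword "nagios error" in /var/log/messages.
  # Every service needs its own old-log state file, as note 3 in the plugin
  # header requires: each run overwrites that file with the current log, so
  # two services sharing one file would hide new lines from each other.
  # The path below is an example; any file unique to this service works.
  define service{
  use  local-service
  host_name   log-localhost
  service_description  messages日记关键字nagios error
  check_command        check_log!/var/log/messages!/var/log/messages.nagios_error.arc!nagios error
  }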

