Tuesday, September 2nd 2014, 3:45am UTC+2

You are not logged in.

  • Login
  • Register

Dear visitor, welcome to Monitoring-Portal.
Although this is a german monitoring forum, please don't hesitate to post in English. Nearly everybody here understands you and will answer in English as well.
If this is your first visit here, please read the Help. It explains how this page works. You must be registered before you can use all the page's features. Please use the registration form to register here or read more information about the registration process. If you are already registered, please login here.

bsfez

Beginner

Posts: 44

Number of monitoring servers: 1

Nagios Version: 3.2.1

Distributed monitoring: Nein

Redundant monitoring: Nein

Number of hosts: 4

Number of services: 25

OS: debian squeeze

Plugin Version: nagios-plugins-1.4.15

NDO Version: 1

1

Wednesday, June 6th 2012, 2:14pm

[Solved] Setting Logwatch

Hi,

I would like to use logwatch on my already working check_mk (linux debian).
From http://mathias-kettner.de/checkmk_logfiles.html "Installing the logwatch extension" i have to copy mk_logwatch into "
/usr/lib/check_mk_agent/plugins/". (my install was default).

I don't have that directory however mk_logwatch has been installed here "/usr/share/check_mk/agents/plugins/mk_logwatch".

For my localhost the config file has been also installed by default here "/usr/share/check_mk/agents/logwatch.cfg".

I have check "/root/.check_mk_setup.conf" to look what is the value for "LOGWATCH_DIR" there is no such definition but i understand that drawback is "In the check_mk configuration directory you specified during setup.sh." so i copied it here confdir='/etc/check_mk'

I have set in logwatch.cfg the following to be sure i have some data to read:

Source code

1
/var/log/syslog /var/log/kern.log C panic C Oops W dovecot



What and where to go from here ?

I have a web accessible page : http://mynagios/check_mk/logwatch.py that doesn't show anything but : All Problematic Logfiles, my user and the time.
And "/var/lib/check_mk/logwatch" is empty.

This post has been edited 1 times, last edit by "bsfez" (Jun 20th 2012, 8:50am)


bsfez

Beginner

Posts: 44

Number of monitoring servers: 1

Nagios Version: 3.2.1

Distributed monitoring: Nein

Redundant monitoring: Nein

Number of hosts: 4

Number of services: 25

OS: debian squeeze

Plugin Version: nagios-plugins-1.4.15

NDO Version: 1

2

Sunday, June 10th 2012, 11:51am

To add some informations, i just add a Windows host.

I get automatically logwatch on the windows logs file

Quoted

OK LOG Application OK - no old or new error messages 34 min 45 sec
OK LOG Internet Explorer OK - no old or new error messages 34 min 45 sec
OK LOG Security OK - no old or new error messages 34 min 45 sec
WARN LOG System


I'm missing a small thing somewhere... :)

Edison

Trainee

Posts: 55

Birthday: Nov 18th

Gender: male

Location: Österreich

Occupation: Informatiker, SysAdmin

Number of monitoring servers: 9

Hobbies: IT

Nagios Version: 3.x

Distributed monitoring: Ja

Redundant monitoring: Nein

Number of hosts: 360

Number of services: 4500

OS: Linux, Windows, AIX

Plugin Version: 1.4.16

NagVis Version: 1.7.x

Other Addons: PNP4Nagios, check_MK, NagTrap

3

Sunday, June 10th 2012, 2:00pm

Hi,

you have to copy mk_logwatch to /usr/lib/check_mk_agent/plugins
Do get info about used directories use command: cmk --paths
The logwatch config file resides in /etc/check_mk and is named logwatch.cfg

Regards
Wolfgang

bsfez

Beginner

Posts: 44

Number of monitoring servers: 1

Nagios Version: 3.2.1

Distributed monitoring: Nein

Redundant monitoring: Nein

Number of hosts: 4

Number of services: 25

OS: debian squeeze

Plugin Version: nagios-plugins-1.4.15

NDO Version: 1

4

Wednesday, June 13th 2012, 11:22am

Hi Wolfgang,

you have to copy mk_logwatch to /usr/lib/check_mk_agent/plugins


As i explain i don't have this directory (read above), nevertheless i have set a symblink so this should be fixed.

Do get info about used directories use command: cmk --paths


Yes:

Source code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Files copied or created during installation
  Main components of check_mk                    : /usr/share/check_mk/modules/
  Checks                                         : /usr/share/check_mk/checks/
  Agents for operating systems                   : /usr/share/check_mk/agents/
  Documentatoin files                            : /usr/share/doc/check_mk/
  Check_MK's web pages                           : /usr/share/check_mk/web/
  Check manpages (for check_mk -M)               : /usr/share/doc/check_mk/checks/
  Binary plugins (architecture specific)         : /usr/lib/check_mk/
  Templates for PNP4Nagios                       : /usr/share/check_mk/pnp-templates/
  RRA configuration for PNP4Nagios               : /usr/share/check_mk/pnp-rraconf/
  Startscript for Nagios daemon                  : /etc/init.d/nagios3
  Path to Nagios executable                      : /usr/sbin/nagios3

Configuration files edited by you
  Directory that contains main.mk                : /etc/check_mk/
  Directory containing further *.mk files        : /etc/check_mk/conf.d/
  Main configuration file of Nagios              : /etc/nagios3/nagios.cfg
  Directory where Nagios reads all *.cfg files   : /etc/nagios3/conf.d/
  Directory where Apache reads all config files  : /etc/apache2/conf.d/
  Users/Passwords for HTTP basic authentication  : /etc/nagios3/htpasswd.users

Data created by Nagios/Check_MK at runtime
  Base working directory for variable data       : /var/lib/check_mk/
  Checks found by inventory                      : /var/lib/check_mk/autochecks/
  Precompiled host checks                        : /var/lib/check_mk/precompiled/
  Stored snmpwalks (output of --snmpwalk)        : /var/lib/check_mk/snmpwalks/
  Current state of performance counters          : /var/lib/check_mk/counters/
  Cached output from agents                      : /var/lib/check_mk/cache/
  Unacknowledged logfiles of logwatch extension  : /var/lib/check_mk/logwatch/
  File into which Nagios configuration is written: /etc/nagios3/conf.d/check_mk_objects.cfg
  Path to Nagios status.dat                      : /var/cache/nagios3/status.dat

Sockets and pipes
  Nagios' command pipe                           : /var/lib/nagios3/rw/nagios.cmd
  Nagios' check results directory                : /var/lib/nagios3/spool/checkresults
  Socket of Check_MK's livestatus module         : /var/lib/nagios3/rw/live

Locally installed addons


In "/var/lib/check_mk/logwatch/" I can see a folder named by the windows host i have. (logwatch work for this host only).

Logwatching the Winserver worked without a glinch.
At this host inventory were installed automatically (LOG Application, LOG Internet Explorer, LOG Security, LOG System) and an icon (red folder) that leads me to the logwatch page (even if empty).

What or where am i supposed to see the logs of a remote/local linux host ?
Should i set anything on the remote hosts ?

regards
Bernard

This post has been edited 1 times, last edit by "bsfez" (Jun 13th 2012, 11:36am)


bsfez

Beginner

Posts: 44

Number of monitoring servers: 1

Nagios Version: 3.2.1

Distributed monitoring: Nein

Redundant monitoring: Nein

Number of hosts: 4

Number of services: 25

OS: debian squeeze

Plugin Version: nagios-plugins-1.4.15

NDO Version: 1

5

Thursday, June 14th 2012, 11:38am

Digging futher i went to check the differences between the checks being performed for teh WINserv and my localhost.

In "/var/lib/check_mk/autochecks/" i compare winservIP.mk and localhost.mk

My winserv checks show

Source code

1
2
3
4
("winservIP", "logwatch", 'Application', ""),
("winservIP", "logwatch", 'Internet Explorer', ""),
("winservIP", "logwatch", 'Security', ""),
("winservIP", "logwatch", 'System', ""),


Nothing about logwatch in my locahost.mk

So i add it (elephant method i agree) as simple as i could and now in my localhost.mk i have :

Source code

1
  ("Localhost", "logwatch", 'Syslog', ""),


results : i do have a new input : "LOG Syslog" in my services for Locahost.
It says Pending (forever) and i have the red folder that link to the logwatch page.

I have also a warning from check_mk
WARN Check_MK [Reschedule an immediate check of this service] WARN - Missing agent sections: logwatch - execution time 0.1 sec


If think i just need a little push to get this work ! :)

Bernard

PS : As i see another discussion about it, i may add that i never configured my different host using multisite.mk.
They worked and appears naturally as Nagios was set right just by adding them in main.mk

This post has been edited 1 times, last edit by "bsfez" (Jun 14th 2012, 1:36pm)


bsfez

Beginner

Posts: 44

Number of monitoring servers: 1

Nagios Version: 3.2.1

Distributed monitoring: Nein

Redundant monitoring: Nein

Number of hosts: 4

Number of services: 25

OS: debian squeeze

Plugin Version: nagios-plugins-1.4.15

NDO Version: 1

6

Tuesday, June 19th 2012, 1:39pm

Ah !

I update to 1.2.0p1 including check_mk agent and logwatch on each host.
Tada it is working !

This post has been edited 1 times, last edit by "bsfez" (Jun 20th 2012, 8:50am)