According to this article http://blog.medin.name/2012/03/20/real-time-event-log-monitoring-with-nsclient/

I successfully used nsclient++ to push the Windows Eventlog to a nagios server whenever a new eventlog is produced.

But I didn't find a solution to do the same thing on linux.

I tried to use nsca, inotify and check_log plugin to do this.

But it didn't work.

The check_log plugin just got the summary of the logfile, but I want to call send_nsca whenever a new line is produced.

Any advice would be most welcome.

Thanks.

txworking

1 Answer

Using NSCA for log processing is a bit of overkill.

It would be much easier to set up rsyslog to send logs to a central location, and have Nagios check that. (You can also use eventlog-to-syslog to achieve this on Windows.)

The stock check_log plugin is miserable; it parses the entire log file on every run, and uses diff to compare. Consol Labs has a much better check_logfiles plugin.

Be sure to read about volatile services, too.

Keith