andrew bezella
2011-Dec-07 17:39 UTC
[Logcheck-devel] Bug#651319: ignore.d.server/nagios: SERVICE FLAPPING line doesn't allow whitespace
Package: logcheck-database
Version: 1.3.13
Severity: minor
in most cases whitespace is allowed in SERVICE names, but for the
SERVICE FLAPPING ALERT it is not. using the cases where
whitespace is allowed as a template, i made the following change:
--- /etc/logcheck/ignore.d.server/nagios 2010-09-03 01:25:15.000000000 -0700
+++ /tmp/nagios 2011-12-07 09:34:25.000000000 -0800
@@ -16,7 +16,7 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: Nagios
(1|2)\.[[:digit:]] starting\.\.\. \(PID=[[:digit:]]+\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE ALERT:
[._[:alnum:]-]+;[^;]+;(CRITICAL|WARNING|OK|UNKNOWN);(SOFT|HARD);.*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE ALERT:
[[:alnum:]]+;PING;(WARNING|OK).*$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE FLAPPING ALERT:
[._[:alnum:]-]+;[._[:alnum:]-]+;(STARTED|STOPPED); Service appears to have
(started|stopped) flapping \([[:digit:].]+% change (<|>=?) [.[:digit:]]+%
threshold\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE FLAPPING ALERT:
[._[:alnum:]-]+;[^;]+;(STARTED|STOPPED); Service appears to have
(started|stopped) flapping \([[:digit:].]+% change (<|>=?) [.[:digit:]]+%
threshold\)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT
\()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: SERVICE NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;CRITICAL;.*$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ nagios(2|3)?: Warning: Host
'[[:alnum:]]+' has no services associated with it\!$
and that seems to have resolved the issue.
thank you for your time and effort!
andy
-- System Information:
Debian Release: 6.0.3
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
-- no debconf information