Cyril Chaboisseau
2006-Mar-05 09:05 UTC
[Logcheck-devel] Bug#355364: logcheck-database: please extend nagios rules to nagios2
Package: logcheck-database
Version: 1.2.43a
Severity: wishlist
when nagios2 is installed logcheck doesn't catch system messages with
the existing (nagios) rules
please, change "nagios:" to "nagios\[[0-9]+\]:" for all
lines
thanks
--
Cyril Chaboisseau
-------------- next part --------------
--- nagios 2005-10-23 06:13:15.000000000 +0200
+++ nagios.new 2006-03-05 10:03:09.000000000 +0100
@@ -1,17 +1,17 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Auto-save of retention data
completed successfully\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: LOG ROTATION:
(DAILY|WEEKLY|MONTHLY)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Nagios 1\.1 starting\.\.\.
\(PID=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE ALERT:
[._[:alnum:]-]+;[^;]+;(CRITICAL|WARNING|OK|UNKNOWN);(SOFT|HARD);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT
\()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE FLAPPING ALERT:
[._[:alnum:]-]+;[^;]+;STOPPED; Service appears to have stopped flapping
\([.[:digit:]]+% change < [.[:digit:]]+% threshold\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST ALERT:
[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);(SOFT|HARD);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST DOWNTIME ALERT:
[._[:alnum:]-]+;(STARTED|STOPPED);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST EVENT HANDLER:
[._[:alnum:]-]+;DOWN;(SOFT|HARD);[0-9]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND:
PROCESS_SERVICE_CHECK_RESULT;[._[:alnum:]-]+;[^;]+;[0-9]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND:
(ENABLE|DISABLE)_(HOST_|HOST_SVC_|SVC_)?NOTIFICATIONS;[._[:alnum:]-]+(;[^;]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND:
(ADD_SVC_COMMENT|ACKNOWLEDGE_SVC_PROBLEM);[._[:alnum:]-]+;[[:alnum:]]+;[0-9]+;([[:alnum:]]+;)?.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND:
SCHEDULE_HOST_DOWNTIME;[._[:alnum:]-]+;[0-9;]+;[[:alnum:]]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Warning: The results of service
'[ [:alnum:][:punct:]]+' on host '[._[:alnum:]-]+' are stale by
[[:digit:]]+ seconds \(threshold=[[:digit:]]+ seconds\). I'm forcing an
immediate check of the service\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Auto-save of retention
data completed successfully\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: LOG ROTATION:
(DAILY|WEEKLY|MONTHLY)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Nagios 1\.1 starting\.\.\.
\(PID=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE ALERT:
[._[:alnum:]-]+;[^;]+;(CRITICAL|WARNING|OK|UNKNOWN);(SOFT|HARD);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT
\()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE FLAPPING ALERT:
[._[:alnum:]-]+;[^;]+;STOPPED; Service appears to have stopped flapping
\([.[:digit:]]+% change < [.[:digit:]]+% threshold\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST ALERT:
[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);(SOFT|HARD);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST NOTIFICATION:
[._[:alnum:]-]+;[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST DOWNTIME ALERT:
[._[:alnum:]-]+;(STARTED|STOPPED);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST EVENT HANDLER:
[._[:alnum:]-]+;DOWN;(SOFT|HARD);[0-9]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND:
PROCESS_SERVICE_CHECK_RESULT;[._[:alnum:]-]+;[^;]+;[0-9]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND:
(ENABLE|DISABLE)_(HOST_|HOST_SVC_|SVC_)?NOTIFICATIONS;[._[:alnum:]-]+(;[^;]+)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND:
(ADD_SVC_COMMENT|ACKNOWLEDGE_SVC_PROBLEM);[._[:alnum:]-]+;[[:alnum:]]+;[0-9]+;([[:alnum:]]+;)?.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND:
SCHEDULE_HOST_DOWNTIME;[._[:alnum:]-]+;[0-9;]+;[[:alnum:]]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Warning: The results of
service '[ [:alnum:][:punct:]]+' on host '[._[:alnum:]-]+' are
stale by [[:digit:]]+ seconds \(threshold=[[:digit:]]+ seconds\). I'm
forcing an immediate check of the service\.$
# nrpe
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: Error: Could not complete
SSL handshake. 5$
Apparently Analagous Threads
- Bug#355364: logcheck-database: rules to match nagios|nagios2
- Bug#514335: logcheck-database: Nagios rules don't match the new nagios3 version
- Processed: Re: [Pkg-nagios-devel] Bug#325874: nagios-common: logcheck regexp issue
- Bug#359878: logcheck: extend exim rules to cope with multiple recipients
- Bug#590677: [logcheck-database] additional rules for nagios/radius
Wisdom of the Ancients
