CheckLogFile

`CheckLogFile` — CheckLogFile¶

File for checking log files and various other forms of updating text files

Queries (Overview):

A list of all available queries (check commands)

Command	Description
`check_logfile`	Check for errors in log file or generic pattern matching in text files.

Aliases (Overview):

A list of all short hand aliases for queries (check commands)

Command	Description
checklogfile	Alias for: `check_logfile`

Commands (Overview):

TODO: Add a list of all external commands (this is not check commands)

Configuration (Overview):

Common Keys:

Path / Section	Key	Description
`/settings/logfile/real-time`	`enabled`	REAL TIME CHECKING

Sample keys:

Path / Section	Key	Default Value
`/settings/logfile/real-time/checks/sample`	`alias`	ALIAS
`/settings/logfile/real-time/checks/sample`	`column split`	COLUMN SPLIT
`/settings/logfile/real-time/checks/sample`	`command`	COMMAND NAME
`/settings/logfile/real-time/checks/sample`	`critical`	CRITICAL FILTER
`/settings/logfile/real-time/checks/sample`	`debug`	DEBUG
`/settings/logfile/real-time/checks/sample`	`destination`	DESTINATION
`/settings/logfile/real-time/checks/sample`	`detail syntax`	SYNTAX
`/settings/logfile/real-time/checks/sample`	`empty message`	EMPTY MESSAGE
`/settings/logfile/real-time/checks/sample`	`file`	FILE
`/settings/logfile/real-time/checks/sample`	`files`	FILES
`/settings/logfile/real-time/checks/sample`	`filter`	FILTER
`/settings/logfile/real-time/checks/sample`	`is template`	IS TEMPLATE
`/settings/logfile/real-time/checks/sample`	`maximum age`	MAGIMUM AGE
`/settings/logfile/real-time/checks/sample`	`ok`	OK FILTER
`/settings/logfile/real-time/checks/sample`	`ok syntax`	SYNTAX
`/settings/logfile/real-time/checks/sample`	`parent`	PARENT
`/settings/logfile/real-time/checks/sample`	`perf config`	PERF CONFIG
`/settings/logfile/real-time/checks/sample`	`severity`	SEVERITY
`/settings/logfile/real-time/checks/sample`	`target`	DESTINATION
`/settings/logfile/real-time/checks/sample`	`top syntax`	SYNTAX
`/settings/logfile/real-time/checks/sample`	`warning`	WARNING FILTER

Queries¶

A quick reference for all available queries (check commands) in the CheckLogFile module.

`check_logfile`¶

CheckLogFilecheck_logfile

Usage:

Option	Default Value	Description
`help`	N/A	Show help screen (this screen)
`help-pb`	N/A	Show help screen as a protocol buffer payload
`show-default`	N/A	Show default values for a given command
`help-short`	N/A	Show help screen (short format).
`debug`	N/A	Show debugging information in the log
`show-all`	N/A	Show debugging information in the log
`filter`		Filter which marks interesting items.
`warning`		Filter which marks items which generates a warning state.
`warn`		Short alias for warning
`critical`		Filter which marks items which generates a critical state.
`crit`		Short alias for critical.
`ok`		Filter which marks items which generates an ok state.
`empty-state`	ignored	Return status to use when nothing matched filter.
`perf-config`		Performance data generation configuration
`top-syntax`	${count}/${total} (${problem_list})	Top level syntax.
`ok-syntax`		ok syntax.
`empty-syntax`	%(status): Nothing found	Empty syntax.
`detail-syntax`	${column1}	Detail level syntax.
`perf-syntax`	${column1}	Performance alias syntax.
`line-split`	n	Character string used to split a file into several lines (default n)
`column-split`	t	Character string to split a line into several columns (default t)
`split`		Alias for split-column
`file`		File to read (can be specified multiple times to check multiple files.
`files`		A comma separated list of files to scan (same as file except a list)

Arguments¶

help (CheckLogFile, check_logfile)¶: Show help screen (this screen)

help-pb (CheckLogFile, check_logfile)¶: Show help screen as a protocol buffer payload

show-default (CheckLogFile, check_logfile)¶: Show default values for a given command

help-short (CheckLogFile, check_logfile)¶: Show help screen (short format).

debug (CheckLogFile, check_logfile)¶: Show debugging information in the log

show-all (CheckLogFile, check_logfile)¶: Show debugging information in the log

filter (CheckLogFile, check_logfile)¶: Filter which marks interesting items.

Interesting items are items which will be included in the check.

They do not denote warning or critical state but they are checked use this to filter out unwanted items.

Available options:

column1 column2 column3 column4 column5 column6 column7 column8 column9 file filename line column() Syntax: column(<coulmn number>) count total ok_count warn_count crit_count problem_count list ok_list warn_list crit_list problem_list detail_list status ================================

warning (CheckLogFile, check_logfile)¶: Filter which marks items which generates a warning state.

If anything matches this filter the return status will be escalated to warning.

Available options:

column1 column2 column3 column4 column5 column6 column7 column8 column9 file filename line column() Syntax: column(<coulmn number>) count total ok_count warn_count crit_count problem_count list ok_list warn_list crit_list problem_list detail_list status ================================

warn (CheckLogFile, check_logfile)¶: Short alias for warning

critical (CheckLogFile, check_logfile)¶: Filter which marks items which generates a critical state.

If anything matches this filter the return status will be escalated to critical.

Available options:

column1 column2 column3 column4 column5 column6 column7 column8 column9 file filename line column() Syntax: column(<coulmn number>) count total ok_count warn_count crit_count problem_count list ok_list warn_list crit_list problem_list detail_list status ================================

crit (CheckLogFile, check_logfile)¶: Short alias for critical.

ok (CheckLogFile, check_logfile)¶: Filter which marks items which generates an ok state.

If anything matches this any previous state for this item will be reset to ok.

Available options:

column1 column2 column3 column4 column5 column6 column7 column8 column9 file filename line column() Syntax: column(<coulmn number>) count total ok_count warn_count crit_count problem_count list ok_list warn_list crit_list problem_list detail_list status ================================

empty-state (CheckLogFile, check_logfile)¶: Return status to use when nothing matched filter.

If no filter is specified this will never happen unless the file is empty.

perf-config (CheckLogFile, check_logfile)¶: Performance data generation configuration

TODO: obj ( key: value; key: value) obj (key:valuer;key:value)

top-syntax (CheckLogFile, check_logfile)¶

Top level syntax.

Used to format the message to return can include strings as well as special keywords such as:

Key	Value
%(column1)	The value in the first column
%(column2)	The value in the second column
%(column3)	The value in the third column
%(column4)	The value in the 4:th column
%(column5)	The value in the 5:th column
%(column6)	The value in the 6:th column
%(column7)	The value in the 7:th column
%(column8)	The value in the 8:th column
%(column9)	The value in the 9:th column
%(file)	The name of the file
%(filename)	The name of the file
%(line)	Match the content of an entire line
${count}	Number of items matching the filter
${total}	Total number of items
${ok_count}	Number of items matched the ok criteria
${warn_count}	Number of items matched the warning criteria
${crit_count}	Number of items matched the critical criteria
${problem_count}	Number of items matched either warning or critical criteria
${list}	A list of all items which matched the filter
${ok_list}	A list of all items which matched the ok criteria
${warn_list}	A list of all items which matched the warning criteria
${crit_list}	A list of all items which matched the critical criteria
${problem_list}	A list of all items which matched either the critical or the warning criteria
${detail_list}	A special list with critical, then warning and fainally ok
${status}	The returned status (OK/WARN/CRIT/UNKNOWN)

ok-syntax (CheckLogFile, check_logfile)¶: ok syntax.

DEPRECATED! This is the syntax for when an ok result is returned.

This value will not be used if your syntax contains %(list) or %(count).

empty-syntax (CheckLogFile, check_logfile)¶

Empty syntax.
DEPRECATED! This is the syntax for when nothing matches the filter.
Possible values are:

Key	Value
%(column1)	The value in the first column
%(column2)	The value in the second column
%(column3)	The value in the third column
%(column4)	The value in the 4:th column
%(column5)	The value in the 5:th column
%(column6)	The value in the 6:th column
%(column7)	The value in the 7:th column
%(column8)	The value in the 8:th column
%(column9)	The value in the 9:th column
%(file)	The name of the file
%(filename)	The name of the file
%(line)	Match the content of an entire line
${count}	Number of items matching the filter
${total}	Total number of items
${ok_count}	Number of items matched the ok criteria
${warn_count}	Number of items matched the warning criteria
${crit_count}	Number of items matched the critical criteria
${problem_count}	Number of items matched either warning or critical criteria
${list}	A list of all items which matched the filter
${ok_list}	A list of all items which matched the ok criteria
${warn_list}	A list of all items which matched the warning criteria
${crit_list}	A list of all items which matched the critical criteria
${problem_list}	A list of all items which matched either the critical or the warning criteria
${detail_list}	A special list with critical, then warning and fainally ok
${status}	The returned status (OK/WARN/CRIT/UNKNOWN)

detail-syntax (CheckLogFile, check_logfile)¶

Detail level syntax.
This is the syntax of each item in the list of top-syntax (see above).
Possible values are:

Key	Value
%(column1)	The value in the first column
%(column2)	The value in the second column
%(column3)	The value in the third column
%(column4)	The value in the 4:th column
%(column5)	The value in the 5:th column
%(column6)	The value in the 6:th column
%(column7)	The value in the 7:th column
%(column8)	The value in the 8:th column
%(column9)	The value in the 9:th column
%(file)	The name of the file
%(filename)	The name of the file
%(line)	Match the content of an entire line
${count}	Number of items matching the filter
${total}	Total number of items
${ok_count}	Number of items matched the ok criteria
${warn_count}	Number of items matched the warning criteria
${crit_count}	Number of items matched the critical criteria
${problem_count}	Number of items matched either warning or critical criteria
${list}	A list of all items which matched the filter
${ok_list}	A list of all items which matched the ok criteria
${warn_list}	A list of all items which matched the warning criteria
${crit_list}	A list of all items which matched the critical criteria
${problem_list}	A list of all items which matched either the critical or the warning criteria
${detail_list}	A special list with critical, then warning and fainally ok
${status}	The returned status (OK/WARN/CRIT/UNKNOWN)

perf-syntax (CheckLogFile, check_logfile)¶

Performance alias syntax.
This is the syntax for the base names of the performance data.
Possible values are:

Key	Value
%(column1)	The value in the first column
%(column2)	The value in the second column
%(column3)	The value in the third column
%(column4)	The value in the 4:th column
%(column5)	The value in the 5:th column
%(column6)	The value in the 6:th column
%(column7)	The value in the 7:th column
%(column8)	The value in the 8:th column
%(column9)	The value in the 9:th column
%(file)	The name of the file
%(filename)	The name of the file
%(line)	Match the content of an entire line
${count}	Number of items matching the filter
${total}	Total number of items
${ok_count}	Number of items matched the ok criteria
${warn_count}	Number of items matched the warning criteria
${crit_count}	Number of items matched the critical criteria
${problem_count}	Number of items matched either warning or critical criteria
${list}	A list of all items which matched the filter
${ok_list}	A list of all items which matched the ok criteria
${warn_list}	A list of all items which matched the warning criteria
${crit_list}	A list of all items which matched the critical criteria
${problem_list}	A list of all items which matched either the critical or the warning criteria
${detail_list}	A special list with critical, then warning and fainally ok
${status}	The returned status (OK/WARN/CRIT/UNKNOWN)

line-split (CheckLogFile, check_logfile)¶: Character string used to split a file into several lines (default n)

column-split (CheckLogFile, check_logfile)¶: Character string to split a line into several columns (default t)

split (CheckLogFile, check_logfile)¶: Alias for split-column

file (CheckLogFile, check_logfile)¶: File to read (can be specified multiple times to check multiple files.

Notice that specifying multiple files will create an aggregate set it will not check each file individually.

In other words if one file contains an error the entire check will result in error or if you check the count it is the global count which is used.

files (CheckLogFile, check_logfile)¶: A comma separated list of files to scan (same as file except a list)

/ settings/ logfile¶

/settings/logfile (CheckLogFile)¶

LOG FILE SECTION

Section for log file checker

Sample:
# LOG FILE SECTION
# Section for log file checker
[/settings/logfile]

… / real-time¶

/settings/logfile/real-time (CheckLogFile)¶

CONFIGURE REALTIME CHECKING

A set of options to configure the real time checks

Key Default Value Description

enabled 0 REAL TIME CHECKING

Sample:
# CONFIGURE REALTIME CHECKING
# A set of options to configure the real time checks
[/settings/logfile/real-time]
enabled=0
enabled (CheckLogFile, /settings/logfile/real-time)¶
REAL TIME CHECKING

Spawns a background thread which waits for file changes.

Path: /settings/logfile/real-time

Key: enabled

Default value: 0

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time]
# REAL TIME CHECKING
enabled=0

… / real-time / checks¶

/settings/logfile/real-time/checks (CheckLogFile)¶

REALTIME FILTERS

A set of filters to use in real-time mode

Sample:
# REALTIME FILTERS
# A set of filters to use in real-time mode
[/settings/logfile/real-time/checks]

… / real-time / checks / sample¶

/settings/logfile/real-time/checks/sample (CheckLogFile)¶

REAL TIME FILTER DEFENITION

Definition for real time filter: sample

Key Default Value Description

alias ALIAS

column split COLUMN SPLIT

command COMMAND NAME

critical CRITICAL FILTER

debug 0 DEBUG

destination DESTINATION

detail syntax SYNTAX

empty message eventlog found no records EMPTY MESSAGE

file FILE

files FILES

filter FILTER

is template 0 IS TEMPLATE

maximum age 5m MAGIMUM AGE

ok OK FILTER

ok syntax SYNTAX

parent default PARENT

perf config PERF CONFIG

severity SEVERITY

target DESTINATION

top syntax SYNTAX

warning WARNING FILTER

Sample:
# REAL TIME FILTER DEFENITION
# Definition for real time filter: sample
[/settings/logfile/real-time/checks/sample]
alias=
column split=
command=
critical=
debug=0
destination=
detail syntax=
empty message=eventlog found no records
file=
files=
filter=
is template=0
maximum age=5m
ok=
ok syntax=
parent=default
perf config=
severity=
target=
top syntax=
warning=
alias (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
ALIAS

The alias (service name) to report to server

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: alias

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# ALIAS
alias=
column split (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
COLUMN SPLIT

THe character(s) to use when splitting on column level

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: column split

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# COLUMN SPLIT
column split=
command (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
COMMAND NAME

The name of the command (think nagios service name) to report up stream (defaults to alias if not set)

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: command

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# COMMAND NAME
command=
critical (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
CRITICAL FILTER

If any rows match this filter severity will escalated to CRITICAL

Path: /settings/logfile/real-time/checks/sample

Key: critical

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# CRITICAL FILTER
critical=
debug (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
DEBUG

Enable this to display debug information for this match filter

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: debug

Default value: 0

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# DEBUG
debug=0
destination (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
DESTINATION

The destination for intercepted messages

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: destination

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# DESTINATION
destination=
detail syntax (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
SYNTAX

Format string for dates

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: detail syntax

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# SYNTAX
detail syntax=
empty message (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
EMPTY MESSAGE

The message to display if nothing matches the filter (generally considered the ok state).

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: empty message

Default value: eventlog found no records

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# EMPTY MESSAGE
empty message=eventlog found no records
file (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
FILE

The eventlog record to filter on (if set to ‘all’ means all enabled logs)

Path: /settings/logfile/real-time/checks/sample

Key: file

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# FILE
file=
files (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
FILES

The eventlog record to filter on (if set to ‘all’ means all enabled logs)

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: files

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# FILES
files=
filter (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
FILTER

Scan files for matching rows for each matching rows an OK message will be submitted

Path: /settings/logfile/real-time/checks/sample

Key: filter

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# FILTER
filter=
is template (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
IS TEMPLATE

Declare this object as a template (this means it will not be available as a separate object)

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: is template

Default value: 0

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# IS TEMPLATE
is template=0
maximum age (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
MAGIMUM AGE

How long before reporting “ok”.

If this is set to “false” no periodic ok messages will be reported only errors.

Path: /settings/logfile/real-time/checks/sample

Key: maximum age

Default value: 5m

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# MAGIMUM AGE
maximum age=5m
ok (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
OK FILTER

If any rows match this filter severity will escalated down to OK

Path: /settings/logfile/real-time/checks/sample

Key: ok

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# OK FILTER
ok=
ok syntax (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
SYNTAX

Format string for dates

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: ok syntax

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# SYNTAX
ok syntax=
parent (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
PARENT

The parent the target inherits from

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: parent

Default value: default

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# PARENT
parent=default
perf config (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
PERF CONFIG

Performance data configuration

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: perf config

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# PERF CONFIG
perf config=
severity (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
SEVERITY

THe severity of this message (OK, WARNING, CRITICAL, UNKNOWN)

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: severity

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# SEVERITY
severity=
target (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
DESTINATION

Same as destination

Path: /settings/logfile/real-time/checks/sample

Key: target

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# DESTINATION
target=
top syntax (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
SYNTAX

Format string for dates

Advanced (means it is not commonly used)

Path: /settings/logfile/real-time/checks/sample

Key: top syntax

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# SYNTAX
top syntax=
warning (CheckLogFile, /settings/logfile/real-time/checks/sample)¶
WARNING FILTER

If any rows match this filter severity will escalated to WARNING

Path: /settings/logfile/real-time/checks/sample

Key: warning

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: CheckLogFile

Sample:
[/settings/logfile/real-time/checks/sample]
# WARNING FILTER
warning=

comments powered by Disqus

`CheckLogFile` — CheckLogFile¶

Queries¶

`check_logfile`¶

Arguments¶

/ settings/ logfile¶

… / real-time¶

… / real-time / checks¶

… / real-time / checks / sample¶

Table Of Contents

Previous topic

Next topic

This Page

CheckLogFile — CheckLogFile¶

Queries¶

check_logfile¶

Arguments¶

/ settings/ logfile¶

… / real-time¶

… / real-time / checks¶

… / real-time / checks / sample¶

`CheckLogFile` — CheckLogFile¶

`check_logfile`¶