check_log检查日志关键词for nagios
裴存
基于 python-2.5.2 版本写的一个小插件,巡检日志里的关键词,可以设置阀值,超过阀值报警!
开始写的时候没有太多注意,结果处理一个大的日志文件脚本执行时间有点长,看了下日志有 70M,想了一下的确啊·如果一次读取么多字符串处理起来肯定会漫长!随后在python.org 上看到了MMAP,这个模块,看到这个一下让我想起,以前编译lustre的时候,添加这个小模块时候的作用,虚拟文件·哈哈大大提升了读取大文件内容的速度! 下面看脚本,例子是我检测nginx日志有多少个 No such file or directory
nagios $> cat check_log
# -*- coding: utf-8 -*-
#!/usr/bin/python
# QQ:277057817
import mmap
import os
import sys
import getopt
def usage():
print """
check_log is a Nagios monitor logs Script
Usage:
check_log [-h|--help][-l|--log][-s|--string][-w|warning][-c|critical]
Options:
--help|-h)
check_log help.
--log|-l)
sets log file path.
--string|-s)
sets monitor Keywords.
--warning|-w)
sets Keywords quantity.Default is: off
--critical|-c)
sets Keywords quantity.Default is: off
example:
./check_log -l /var/log/nginx.log -s "502 Bad Gateway" -w 5 -c 10 """
sys.exit(3)
try:
options,args = getopt.getopt(sys.argv[1:],"hl:s:w:c:",["--help","log=","string=","warning=","critical="])
except getopt.GetoptError:
usage()
for n,v in options:
if n in ("-h","--help"):
usage()
if n in ("-l","--log"):
log = v
if n in ("-s","--string"):
string = v
if n in ("-w","--warning"):
warning = v
if n in ("-c","--critical"):
critical = v
if 'log' in dir() and 'string' in dir():
try:
file = open(log,"r+")
size = os.path.getsize(log)
data = mmap.mmap(file.fileno(),size)
# 用了mmap模块的功能!
text = data.read(-1)
counts = text.count(string)
counts = str(counts)
data.close()
file.close()
except IOError:
print "No such file or directory:"+log
else:
usage()
if 'warning' in dir() and 'critical' in dir():
if warning < critical:
if counts >= warning and counts < critical:
print 'WARNING - %s views %s' % (string,counts)
sys.exit(2)
elif counts >= critical:
print 'CRITICAL - %s views %s' % (string,counts)
sys.exit(1)
else:
print 'OK - %s views %s' % (string,counts)
sys.exit(0)
else:
print "Must critical > warning"
sys.exit(0)
else:
print 'OK - %s views %s' % (string,counts)
sys.exit(0)
nagios $> python file.py -l /usr/local/nginx/logs/error.log -s "No such file or directory" -w 2 -c 3
CRITICAL - No such file or directory views 3
好了,在添加到 commands.cfg 下就好了
nagios $> vim /usr/local/nagios/etc/objects/commands.cfg
define command{
command_name check_log
command_line $USER1$/check_log -l $ARG1$ -s $ARG2$ -w $ARG3$ -c $ARG4$
}
然后在客户端 nrpe.cfg 添加:
nginx $> vim /usr/local/nagios/etc/nrpe.cfg
command[check_log]=/usr/local/nagios/libexec/check_log -l /var/logs/nginx.log -s "No such file or directory" -w 2 -c 5
然后在服务端的 services.cfg 添加:
nagios $> vim /usr/local/nagios/etc/tuokou/services.cfg
define service{
use local-service,srv-pnp
host_name web
service_description nginx log
check_command check_nrpe!check_log
}
本文转自Deidara 51CTO博客,原文链接:http://blog.51cto.com/deidara/477353,如需转载请自行联系原作者
类似资料: