Log file content monitoring

[Laurent Courcelle]

Hi,

I'm new to Pandora FMS and I'm trying to have a monitor looking for error messages in log files.
I saw in the Pandora Agent documentation that the module_plugin grep_log could be used.
The agent is installed on a Windows XP pro workstation.
I updated the pandora_agent.conf with this line :
module_plugin grep_log "c:\test.log" LogParser ERROR

It doesn't do anything. I have no error message in the pandora_agent.log. the module is not shown on the console. I even set the debug flag  and I don't see any reference to the plugin in the pandora debug file.

I then managed to execute a .bat file that would have cheched for new lines in a log file LogMon.bat:
@echo off
REM LogMon fichier fichiertemp
set /p prev=< %2
wc -l %1 |  tr -s " " ";" |cut -f2 -d; > %2
set /p actu=< %2
expr %actu% - %prev% > %2.comp
set /p diff=< %2.comp
tail -%diff% %1

I updated the agent configuration file with these lines :
# Test log file monitoring
module_begin
module_name Test_LogMon
module_type generic_data_string
module_exec LogMon.bat c:\test.log c:\test.txt | grep ERROR
module_description test Logfile monitoring
module_end

The LogMon.bat works great if I call it from the command line. But when run by the agent, I get this in pandora_agent.log :
Pandora_Module_Exec: Test_LogMon did not executed well (retcode: 259)

In the debug, I have :
Executing: cmd.exe /c "LogMon.bat c:\test.log c:\test.txt | grep ERROR"

I also tried to replace the variables in the bat file by hardcoded log and temporary files, but I have the same result ...

Any help would be appreciated.

In advance, thank you.

Best regards,
Laurent

[Laurent Courcelle]

I forgot to mention I'm using Pandora 2.1 vmware version and I used the Windows installer version for the agent.

Cheers
Laurent

[Laurent Courcelle]

LogMon.bat is located in the util directory of the pandora installation, together with the unix commands executables. This directory is in the system path variable.

[Laurent Courcelle]

I was able to call a bat file that shows the last lines of a log file.
I think the problem came from the use of the "set" command, seems that pandora agent doesn't like the "set variable < file"
I replaced the reading of the file by this command :
for /f %%i in (c:\file.txt) do set prev=%%i
echo %prev%

So how's the bat file looks like :
@echo off
REM LogMon fichier fichiertemp
for /f %%i in (%2) do set prev=%%i
wc -l %1 |  tr -s " " ";" |cut -f2 -d; > %2
for /f %%i in (%2) do set actu=%%i
expr %actu% - %prev% > %2.comp
for /f %%i in (%2.comp) do set diff=%%i
tail -%diff% %1

Still, it's not that cute...

Any idea why module_plugin grep_log  doesn't return anything ?

thanks !

Laurent

[rnovoa]

Hi lcourcelle,

Plugins are a feature of Pandora FMS Linux agents, they do not work under Windows. But there is a new module called module_regexp that searches a log file for matches of a given regular expression. You can compile the 3.0 Pandora FMS agent from trunk and try it or wait for the release.

[cite]Posted By: lcourcelle[/cite][p]I was able to call a bat file that shows the last lines of a log file.
I think the problem came from the use of the "set" command, seems that pandora agent doesn't like the "set variable < file"
I replaced the reading of the file by this command :
for /f %%i in (c:\file.txt) do set prev=%%i
echo %prev%[/p][p]So how's the bat file looks like :
@echo off
REM LogMon fichier fichiertemp
for /f %%i in (%2) do set prev=%%i
wc -l %1 |  tr -s " " ";" |cut -f2 -d; > %2
for /f %%i in (%2) do set actu=%%i
expr %actu% - %prev% > %2.comp
for /f %%i in (%2.comp) do set diff=%%i
tail -%diff% %1[/p][p]Still, it's not that cute...[/p][p]Any idea why module_plugin grep_log  doesn't return anything ?[/p][p]thanks ![/p][p]Laurent[/p]