[Logcheck-devel] Bug#355364: logcheck-database: please extend nagios rules to nagios2

Cyril Chaboisseau cyril.chaboisseau at free.fr
Sun Mar 5 09:05:04 UTC 2006 

Package: logcheck-database
Version: 1.2.43a
Severity: wishlist

when nagios2 is installed logcheck doesn't catch system messages with
the existing (nagios) rules

please, change "nagios:" to "nagios\[[0-9]+\]:" for all lines


thanks

-- 
Cyril Chaboisseau
-------------- next part --------------
--- nagios	2005-10-23 06:13:15.000000000 +0200
+++ nagios.new	2006-03-05 10:03:09.000000000 +0100
@@ -1,17 +1,17 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Auto-save of retention data completed successfully\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: LOG ROTATION: (DAILY|WEEKLY|MONTHLY)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Nagios 1\.1 starting\.\.\. \(PID=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE ALERT: [._[:alnum:]-]+;[^;]+;(CRITICAL|WARNING|OK|UNKNOWN);(SOFT|HARD);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT \()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE FLAPPING ALERT: [._[:alnum:]-]+;[^;]+;STOPPED; Service appears to have stopped flapping \([.[:digit:]]+% change < [.[:digit:]]+% threshold\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST ALERT: [._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);(SOFT|HARD);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST DOWNTIME ALERT: [._[:alnum:]-]+;(STARTED|STOPPED);.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST EVENT HANDLER: [._[:alnum:]-]+;DOWN;(SOFT|HARD);[0-9]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND: PROCESS_SERVICE_CHECK_RESULT;[._[:alnum:]-]+;[^;]+;[0-9]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND: (ENABLE|DISABLE)_(HOST_|HOST_SVC_|SVC_)?NOTIFICATIONS;[._[:alnum:]-]+(;[^;]+)?$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND: (ADD_SVC_COMMENT|ACKNOWLEDGE_SVC_PROBLEM);[._[:alnum:]-]+;[[:alnum:]]+;[0-9]+;([[:alnum:]]+;)?.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: EXTERNAL COMMAND: SCHEDULE_HOST_DOWNTIME;[._[:alnum:]-]+;[0-9;]+;[[:alnum:]]+;.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: Warning: The results of service '[ [:alnum:][:punct:]]+' on host '[._[:alnum:]-]+' are stale by [[:digit:]]+ seconds \(threshold=[[:digit:]]+ seconds\).  I'm forcing an immediate check of the service\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Auto-save of retention data completed successfully\.$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: LOG ROTATION: (DAILY|WEEKLY|MONTHLY)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Nagios 1\.1 starting\.\.\. \(PID=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE ALERT: [._[:alnum:]-]+;[^;]+;(CRITICAL|WARNING|OK|UNKNOWN);(SOFT|HARD);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;(ACKNOWLEDGEMENT \()?(CRITICAL|WARNING|OK|UNKNOWN)(\))?;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: SERVICE FLAPPING ALERT: [._[:alnum:]-]+;[^;]+;STOPPED; Service appears to have stopped flapping \([.[:digit:]]+% change < [.[:digit:]]+% threshold\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST ALERT: [._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);(SOFT|HARD);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;(DOWN|UP|UNREACHABLE);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST DOWNTIME ALERT: [._[:alnum:]-]+;(STARTED|STOPPED);.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: HOST EVENT HANDLER: [._[:alnum:]-]+;DOWN;(SOFT|HARD);[0-9]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND: PROCESS_SERVICE_CHECK_RESULT;[._[:alnum:]-]+;[^;]+;[0-9]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND: (ENABLE|DISABLE)_(HOST_|HOST_SVC_|SVC_)?NOTIFICATIONS;[._[:alnum:]-]+(;[^;]+)?$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND: (ADD_SVC_COMMENT|ACKNOWLEDGE_SVC_PROBLEM);[._[:alnum:]-]+;[[:alnum:]]+;[0-9]+;([[:alnum:]]+;)?.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: EXTERNAL COMMAND: SCHEDULE_HOST_DOWNTIME;[._[:alnum:]-]+;[0-9;]+;[[:alnum:]]+;.*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios\[[0-9]+\]: Warning: The results of service '[ [:alnum:][:punct:]]+' on host '[._[:alnum:]-]+' are stale by [[:digit:]]+ seconds \(threshold=[[:digit:]]+ seconds\).  I'm forcing an immediate check of the service\.$
 # nrpe
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: Error: Could not complete SSL handshake. 5$

More information about the Logcheck-devel mailing list