We currently use the Consol Labs (https://labs.consol.de/nagios/check_logfiles/) check_logfile plugin to alert on strings found within our application logs. One thing that we are having some issues with is that whenever there are several alerts within a time frame or one alert is has a bit a length to it. The nagios alert that is created only shows a small amount of the alert. Which requires the support staff to always connect to the systems to see what the full alert is.
Is there any way to make with the check_logfile, or Nagios/NRPE be able to display the full log alert in the nagios alert that is created?
Thanks,
I too just started with this Nagios plugin, check_logfiles. I have gotten it to work under Unix/Linux. I can't get the plugin to work on Windows which is what I need.
But, I did see while in there,
$options A list of options which control the influence of pre- and postscript. Known options are smartpostscript, supersmartpostscript, smartprescript and supersmartprescript. With the option report=”short|long|html” you can customize the plugin’s output. With report=long/html, the plugin’s output can possibly become very long. By default it will be truncated to 4096 characters (The amount of data an unpatched Nagios is able to process). The option maxlength can be used to raise this limit, e.g. maxlength=8192. The option seekfileerror defines the errorlevel, if a seekfile cannot be written, e.g. seekfileerror=unknown (default:critical). The same applies to protocolfileerror (default: ok). Usually the last error message will be shown in the first line of the output. With preview=5 you can tell check_logfiles to show for example the last 5 hits. (default is: preview=1)
also, I'm not completely sure that this is Gospel anymore, as it looks like Nagios has done something to allow longer messages. ?
Functionally, NRPE can only handle a payload of 1024 bytes, which limits the amount of data that you can receive on your Nagios server.
so, I really don't know. I also seen that there is a multi-line NRPE agent capability.
please see this article - interestingly - it appears there is a way, however, it is not clear. I think your best bet would be to enter a case ticket with Nagios Core support forum. I've had success with Nagios support forum.
https://sourceforge.net/p/nagios/mailman/nagios-users/thread/C68E26BB.5E2E4%25dszmandi%40imc.net.au/#msg23143763
Related
I'm trying to handle all of User Interfaces (UI) dialogs in .msi installing pakage, with EmbeddedUIHandler to do this I have created a setupui.dll which contains three methods: InitializeEmbeddedUI, ShutdownEmbeddedUI, EmbeddedUIHandler, and put it inside of MsiEmbeddedUI table (using installshield) and it worked just fine.
The problem is when setupui.dll is dependent to other external DLLs, this time windows installer won't use my dll and it uses default ui, I have added other DLL dependencies with Installshield as follow:
I'm uncertain of what Windows Installer allows here. There are, however, three things that jump out at me as things to look into:
The MsiEmbeddedUI table's Attributes column should probably have a 3 for SetupUI.dll (as it does), and 0 for the rest. Per the docs, the 2 bit is ignored if the 1 bit isn't present, but all the other files are better described as "It may be a resource used by the user interface."
The verbose log: does it indicate what's going on? Does it show a failure loading SetupUI.dll that provides a useful error code (hint: file not found probably refers to a dependency)? Does it indicate it didn't even try to load your DLL? Look for lines with EEUI, at least in the successful case.
If Windows Installer does attempt to load SetupUI.dll, how far does it get? If it gets far enough for you to run some code and, say, show a message box, what files are already extracted at that point? If the dependencies are extracted, can you ensure that its directory is on the DLL path via SetDllDirectory or AddDllDirectory? If the dependencies are not extracted, are they present at a later point so approches like delay loading could help?
For the third point, Process Monitor may help you diagnose what's going on if you can't get a message box in there, but it will probably be less clear. Alternately, using Loader Snaps and Debug View might get you a related set of information, but it may be drowned in additional noise.
I am trying to pull data from a Salesforce API account using Pentaho/Kettle Spoon. I am able to establish a connection on Pentaho with this account. I am also able to get fields from specific modules. However, when I try and "Preview rows" (even with a small number of rows), the "Operation in Progress" window comes up and never completes the task. When I try and cancel the job, Pentaho hangs and I have to force quit it.
I am running Fedora 21. Any input is greatly appreciated.
Thanks!
This works for me:
Since upgrading to Fedora 22 Spoon (the client tool of PDI) was not working properly anymore. Although I could start Spoon properly and create transformations etc, once I wanted to execute a transformation or sometimes even when trying to open settings, nothing was working and the terminal window showed several (SWT:20352): GLib-CRITICAL error messages. In a nutshell, Spoon was rendered useless.
Here is how to solve this:
Go to the Eclipse Download Page and download the latest 64bit verion of Eclipse IDE for Java EE Developers. Note: There is a separate download area for SWT; however, for Linux there is no 64 bit version available. The only way to get one is to build it yourself. So I just went the easier way and downloaded Eclipse instead.
Unzip the file and search for swt. A search result will show a few files, but the ones interesting for us are (your version number might be different): org.eclipse.swt_3.103.2.v20150203-1313.jar and org.eclipse.swt.gtk.linux.x86_64_3.103.2.v20150203-1351.jar.
Copy the first one of these files into <PDI_HOME>/libswt/linux/x86 and the second into <PDI_HOME>/libswt/linux/x86_64.
oth folders still have the original jar files in them. Rename them to swt-jar-old (Note: no extension, so that they are not picked up).
Start Spoon. There will be a few error messages shown, but so far Spoon is working way better for me than before.
FONT: http://diethardsteiner.github.io/pdi/2015/06/07/Fixing-PDI-GLib-CRITICAL.html
i'm running Ubuntu 14.04, i5,6gb RAM, got same trouble..
when i check, the load in proccessor is 100%, evertime i try showing the content or other thing in pentaho, the Operation in progress is show up, and never end..
How to solve, check your access to file/connection in your database,unrecognize file,field,etc. after this resolve, my proccessor run normal, and i could run / execute the transformation.
I bought two VeriShield file signing cards. Unfortunately neither of the cards work--they each give a "wrong pin" error.
PIN Entry Try is 3. Do we see any message if the cards are locked? Can we sign the file as default and download the app to terminal? Also will there be any ownership issues if I sign the files as default for development?
Let's start with why you are getting the wrong PIN. There could be a few different reasons:
VERIFY YOU HAVE THE RIGHT PIN
When you first got your cards, each one should have come with a welcome letter telling you what the PIN is for that card. Note that each card will have a unique PIN and that you can't mix the two up (that is--if you try to enter the PIN for card 1 on card 2, it won't work and visa-versa).
NOTE: VeriFone is not infallible--when I was in my VF training class, one student got a pair of cards that didn't work and the teacher decided he must have had the wrong PINs sent to him. The only remedy is to contact the VF rep from whom you purchased the cards.
CHECK FOR PROPER INSTALLATION
Are you using the latest version of the File Signing Tool (FST)? I believe the latest version is 04.01.04. If you have an older version, go to the DevNet page and get the latest.
I have a note saying that the FST installer needs to be run using administrator privileges, though if I remember correctly, it will elevate itself to administrator, so this shouldn't be off too much concern. My note also says that during the setup, you may get a message about not being able to change folder permissions, but not to worry about it.
Once you have the FST installed, set it to always run as administrator. This IS important and it won't work if you don't.
The first time you run FST, you'll need to set up 2 officers and give them temporary passwords (you will be required to change the passwords on the next log-in). Note that for some reason, VF decided to make the USER NAMES case sensitive (not just the passwords).
Once those users are set up, log in as those users and change the password to the "permanent" password ("permanent" as in you don't have to change it again if you don't want to). If I'm not mistaken, you can't use one of the last (3?) passwords, so you can't use the same as the temporary password you set them up with.
Now log in with BOTH users that you set up and choose Change PIN.
If you are still having trouble, contact your VF rep.
PIN Entry Try is 3. Do we see any message if the cards are locked?
I know that you do have a very limited number of retries before the card locks itself, but seeing as mine worked on my first try, I really couldn't tell you what happens as you approach and/or cross that limit.
Can we sign the file as default and download the app to terminal? Also will there be any ownership issues if i sign the files as default for development.
That depends on what type of terminal you are using. If it is a Verix or VerixV (so like 3740, 3750, 3730, 510, 570) then, yes you can use a default signature (that's what I regularly do on these terminals) and no, it won't cause any problems, assuming everything else that is running on that terminal is also default-signed. If you are using some things that ARE secure-signed, then I believe that all items must have the same sponsor to run on that terminal (I know that's true with the eVo platform, but I'm just assuming on the Verix/VerixV platforms).
HOWEVER, if you are running an eVo terminal (like 520) then you MUST use a secure signature--eVo will not accept a default certificate. What's more, once a secure-signed program is loaded into the terminal, then ALL future applications MUST be signed using a certificate with the same sponsor, or that program will not run. (One exception--if you run the certificate removal program, then AFTER it runs, you can load a new sponsor on. However, note that the removal tool will not run unless it has been singed by the same sponsor).
Trying to use a default certificate should not cause any ownership problems, it just won't run. I know that if I try and use the default certificate on my terminal that already has a sponsor, it will compare the file signatures after download and say they don't match. I haven't tried it on a blank (no sponsor cert yet) eVo, but I suspect you would get roughly the same result.
Those file signing cards have gotten expensive recently, so if yours aren't working, then I'd get with the VF rep quickly and try to get it fixed--the longer you wait, the less likely they'll help you.
We've just updated Nagios from 3.5.x to the current version (4.0.7) and subsequently added a new host for monitoring.
The new host shows as 'Down' in Nagios, and this seems to be related to the fact that pnp4nagios is not logging performance data (the individual checks for users, http etc are all find).
Initially there was an error that the directory
/usr/local/pnp4nagios/var/perfdata/newhost.com
that contains the xml setup and rrd files for the new host was missing), so I manually created this directory, but now it complains that the files are missing.
Does anyone know the appropriate steps to overcome this issue?
Thanks,
Toby
PS I'd tag this 'pnp4nagios', but that tag doesn't exist and I can't create them
UPDATE
It's possible that pnp4nagios is a red herring/symptom. Looking more closely I realise that Nagios actually believes the host is down, even though all services are up. The host status information is '(Host check timed out after 30.01 seconds)'...does this make any more sense?
It's indeed very unlikely that pnp4nagios has something to do with your host being down. pnp actually exports output and performance data to feed the rrd database and xml files (via npcd module or evenhandler command).
The fact that nagios reports the host check timed out after 30 sec means that :
- you have a problem with your host check command, please double-check the syntax
- this check command times out after a certain timelapse (most likely defined in nagios.conf) because the plugin was still running.
I'd recommend running this command from the server's prompt. You want to do something like :
/path/to/libexec/check_command -H ipaddress -args
For example:
/usr/local/libexec/nagios/check_ping -H 192.168.1.1 -w 200,40% -c 500,80% -timeout 120
See if something might be hanging. Having the output would be helpful.
Once your host check returns correct output and performance data to nagios, pnp will hopefuly do the rest.
In the unlikely event it helps anyone, pnp4nagios was indeed a red herring. The problem was that ping wasn't enabled for the host being checked, and this is the test for whether a host is up or not. Hence this was failing, despite other services being reported as working.
I'm currently writing a little commercial PHP Script which would be a VPN (PPTP) manager, in command line.
Actually, it's a socket server which is waiting for commands like "create", "suspend", "unsuspend", "changepassword"... Then it parses the PPTP files and modify them.
The thing is that I will have to give the PHP files which are so simple that they ONLY need php5-cli to be installed (and no apache, nothing else), I need to protect it from being read (actually, it's only 1 file, which is an entire class. The rest can be clear).
I want the system to be lightest as possible, that's why there is no need of GUI, web-server, curl, *sql...
I thought about IonCube, but it's very expensive and can't be used on with cli scripts because it needs a loader, which is loaded by apache. This is the problem of every encoder I think.
I thought about HipHop PHP (From Facebook), but it's hard to understand how to use (because I can compile my sources, but the user guide says how to launch our clear source with it :/ ).
So, I'm here to get help about that. I have some PHP-cli scripts, which must run in command line, which don't need a webserver to work, and I only need (as it's a commercial product) to protect my sources from reading and illegal ditribution (it will be easy to bypass the licence system). This file is simply a PHP class.
Thanks.
-- Edit --
Precisly, I want to make it paid by month, 6 months, year. If it's clear, then everybody will be able to comment the licence check, and have it for free. I love the opensource, for proof, I've written 3 classes for this project, a debug/warning/error manager with output handling (stdout/stderr/logfile) and a Socket class, which you just have to include and extends from, and you have a complete server (and you just have to implement needed functions, the server will call the "received commmand"(), and I don't want to obfuscate these 2 classes.
As to ionCube, there is an online encoder available that does a one-time encode of your script for just a few bucks, depending on the size of your codebase. If you write your own licensing mechanism, you could be able to use that. Besides, your statement about the ionclube loader is incorrect, no apache necessary, it's just a module that can be loaded in php.ini. IonCube is - in my opinion - a good choice.
Do take your time to really ask how much protection you need. A computer will always understand how to interpret your code, so eventually a human being will be able to peek inside, if he really wants to.
If the ionCube loader isn't an option on your clients, there are several 'obfuscators' for PHP out there that will probably stop the "quick peekers" from understanding the code in less than one hour. These obfuscaters won't encrypt your code, but they will make it less readable by changing all your variables, functions and class names into some arbitrary hashes, and remove all your comments and whitespace. They don't need anything on the server to be run, but in the end your PHP code will still be just the same.