Better highlighting and now host/service selectors work as well as --current

dev
Eric Loyd 1 year ago
parent b35af8a799
commit 2c27f5335e

92
nlog

@ -20,36 +20,46 @@ num=""
# These two need to be regexp wildcards to match everything when nothing is specified # These two need to be regexp wildcards to match everything when nothing is specified
aSource="(HOST|SERVICE)" aSource="(HOST|SERVICE)"
aType="(ALERT|NOTIFICATION|EVENT HANDLER)" aType="(ALERT|NOTIFICATION|EVENT HANDLER)"
verbose=""
do_debug() {
[ -n "$verbose" ] && echo "$*"
}
print_help() { print_help() {
echo "Usage:" cat << HELP_EOF
echo " -d (debug mode)" Usage:
echo " -h|--host <host>" -d (debug mode)
echo " -s|--service <service>" -h|--host <host>
echo " --state <warning type (OK, WARNING, CRITICAL, UNKNOWN)> no default" -s|--service <service>
echo " --ok|--warn|--warning|--crit|--critical only print things that match" --current show CURRENT HOST|SERVICE STATE information
echo " --hard only print hard stuff" --state <warning type (OK, WARNING, CRITICAL, UNKNOWN)> no default
echo " --soft only print soft stuff" --ok|--warn|--warning|--crit|--critical only print things that match
echo " --sev|--severity <type (HARD, SOFT)>, default=all" --hard|--sort only print things that match
echo " -Q does a quick version of HARD CRITICAL" --soft only print soft stuff
echo " -n <#> selects the alert number, no default" --sev|--severity <type (HARD, SOFT)>, default=all
echo " --type <alert type (ALERT, EVENT, NOTIFICATION)>, default=all" -Q does a quick version of HARD CRITICAL
echo " --event set alert type to EVENT HANDLER" -n <#> selects the alert number (of max_retries), no default
echo " --src|--source <alert source (HOST, SERVICE)>, default=all" --type <alert type (ALERT, EVENT, NOTIFICATION)>, default=all
echo " --from <from time>, default=today at midnight" --event set alert type to EVENT HANDLER
echo " --to <to time>, default=now" --src|--source <alert source (HOST, SERVICE)>, default=all
echo " --notime don't convert timestamp to human time" --from <from time>, default=today at midnight
echo " -c|--constant) the equivalent of a tail -f on the Nagios log file" --to <to time>, default=now
echo " --file <file[s]>) scan <file[s]> instead of $file; use \"...\" if wildcards" --notime don't convert timestamp to human time
echo "" -c|--constant) the equivalent of a tail -f on the Nagios log file
echo "All input is evaluated as a case-insensitive regexp surrounded by wildcards." --file <file[s]>) scan <file[s]> instead of $files; use "..." if wildcards
echo "Time values can be in the following formats:" -v turn on verbose/debug mode
echo " HH:MM[:SS] YYYY-MM-DD YYYY-MM-DD HH:MM[:SS]*"
echo "This program does not directly scan log files other than the current one. If you want" All input is evaluated as a case-insensitive regexp surrounded by wildcards.
echo "to scan older files, use the --file option. Note that this can be combined with the" Time values can be in the following formats:
echo "--from and --to options, but keep in mind that file names are named based on the date they" HH:MM[:SS] YYYY-MM-DD YYYY-MM-DD HH:MM[:SS]*
echo "were rotated, not the date of their contents." This program does not directly scan log files other than the current one. If you want
echo "*Due to the awk pattern matching, dates before 2020-09-09 will produce empty output." to scan older files, use the --file option. Note that this can be combined with the
--from and --to options, but keep in mind that file names are named based on the date they
were rotated, not the date of their contents.
Some options set others, so options earlier on the command line can be overwritten by later ones
*Due to the awk pattern matching, dates before 2020-09-09 will produce empty output.
HELP_EOF
exit; exit;
} }
@ -61,6 +71,7 @@ while [ -n "$1" ]; do
-s|--service) service="$2"; shift 2;; -s|--service) service="$2"; shift 2;;
--state) state="$2"; shift 2;; --state) state="$2"; shift 2;;
--ok) state="OK"; shift 1;; --ok) state="OK"; shift 1;;
--current) aSource="(HOST|SERVICE)"; aType="STATE"; shift 1;;
--warn|--warning) state="WARNING"; shift 1;; --warn|--warning) state="WARNING"; shift 1;;
--crit|--critical) state="CRITICAL"; shift 1;; --crit|--critical) state="CRITICAL"; shift 1;;
--hard) severity="HARD"; shift 1;; --hard) severity="HARD"; shift 1;;
@ -74,7 +85,8 @@ while [ -n "$1" ]; do
--from) fromTime="$2"; shift 2;; --from) fromTime="$2"; shift 2;;
--to) toTime="$2"; shift 2;; --to) toTime="$2"; shift 2;;
--notime) noTime="true"; shift 1;; --notime) noTime="true"; shift 1;;
-c|--constant) tailMode="-f"; shift 1;; -c|--constant) tailMode="--follow=name"; shift 1;;
-v) verbose="true"; shift 1;;
*) shift 1;; *) shift 1;;
esac esac
done done
@ -85,6 +97,7 @@ done
# [1690749418] HOST ALERT: Security Cameras; DOWN; SOFT; 1; CRITICAL - 192.168.1.88: rta nan, lost 100% # [1690749418] HOST ALERT: Security Cameras; DOWN; SOFT; 1; CRITICAL - 192.168.1.88: rta nan, lost 100%
# [1690765779] SERVICE ALERT: DD-WRT; Port: vlan1 Bandwidth; CRITICAL; SOFT; 4; CRITICAL - Current BW in: 8.22Mbps Out: 1.58Mbps # [1690765779] SERVICE ALERT: DD-WRT; Port: vlan1 Bandwidth; CRITICAL; SOFT; 4; CRITICAL - Current BW in: 8.22Mbps Out: 1.58Mbps
# (NF-3) (NF-2)(NF-1) # (NF-3) (NF-2)(NF-1)
# [1723694400] CURRENT HOST STATE: localhost;UP;HARD;1;OK - 127.0.0.1 rta 0.067ms lost 0%
# (HOST|SERVICE) (DOWNTIME|FLAPPING)? (ALERT|NOTIFICATION) # (HOST|SERVICE) (DOWNTIME|FLAPPING)? (ALERT|NOTIFICATION)
timeSel="" timeSel=""
@ -99,13 +112,28 @@ fi
timeSub="" timeSub=""
[ -z "$noTime" ] && timeSub="&& sub (/^\[[0-9]{10}]/, strftime (\"%Y-%m-%d %H:%M:%S\", substr (\$1, 2, 10)), \$1)" [ -z "$noTime" ] && timeSub="&& sub (/^\[[0-9]{10}]/, strftime (\"%Y-%m-%d %H:%M:%S\", substr (\$1, 2, 10)), \$1)"
do_debug "DEBUG: host=$host"
do_debug "DEBUG: service=$service"
do_debug "DEBUG: awk=^\[[0-9]{10}] (GLOBAL |CURRENT )?$aSource (DOWNTIME |FLAPPING )?$aType: .*$host.*$service"
tail -n +1 $tailMode $files | gawk -F\; "\ tail -n +1 $tailMode $files | gawk -F\; "\
BEGIN {IGNORECASE=1} \ BEGIN {IGNORECASE=1} \
/^\[[0-9]{10}] (GLOBAL )?$aSource (DOWNTIME |FLAPPING )?$aType: .*$host.*;$service/ \ /^\[[0-9]{10}] (GLOBAL |CURRENT )?$aSource (DOWNTIME |FLAPPING )?$aType: .*$host.*$service/ \
&& \$(NF-3)~/$state/ \ && \$(NF-3)~/$state/ \
&& \$(NF-2)~/$severity/ \ && \$(NF-2)~/$severity/ \
&& \$(NF-1)~/$num/ \ && \$(NF-1)~/$num/ \
$timeSel \ $timeSel \
$timeSub \ $timeSub \
{printf \"%s: %s;%s;%s;%s;%s\n\", \$1, \$2, \$3, \$4, \$5, \$6}" | {
sed -e "s/;OK;/;\x1b[32mOK\x1b[0m;/" -e "s/;CRITICAL;/;\x1b[31mCRITICAL\x1b[0m;/" -e "s/;WARNING;/;\x1b[33mWARNING\x1b[0m;/" -e "s/;HARD;/;\x1b[35mHARD\x1b[0m;/" -e "s/;SOFT;/;\x1b[36mSOFT\x1b[0m;/" sub(/OK/, \"\x1b[32mOK\x1b[0m\", \$3)
sub(/WARNING/, \"\x1b[31mWARNING\x1b[0m\", \$3)
sub(/CRITICAL/, \"\x1b[33mCRITICAL\x1b[0m\", \$3)
sub(/UP/, \"\x1b[32mUP\x1b[0m\", \$2)
sub(/UNREACHABLE/, \"\x1b[31mUNREACHABLE\x1b[0m\", \$2)
sub(/DOWN/, \"\x1b[33mDOWN\x1b[0m\", \$2)
sub(/HARD/, \"\x1b[35mHARD\x1b[0m\", \$3)
sub(/SOFT/, \"\x1b[36mSOFT\x1b[0m\", \$3)
sub(/HARD/, \"\x1b[35mHARD\x1b[0m\", \$4)
sub(/SOFT/, \"\x1b[36mSOFT\x1b[0m\", \$4)
printf \"%s: %s;%s;%s;%s;%s\n\", \$1, \$2, \$3, \$4, \$5, \$6
}"
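Review bot: The new match line `/^\[[0-9]{10}] (GLOBAL |CURRENT )?$aSource (DOWNTIME |FLAPPING )?$aType: .*$host.*$service/` still splices `$host`, `$service`, `$state`, `$severity` and `$num` into the double-quoted gawk program text, so a value containing `/` or `"` is parsed as awk code rather than as a pattern. That matters once nlog is run from a wrapper, cron job or sudo rule whose arguments the caller does not control. Passing the selectors as data avoids it: export them, put the program in single quotes, and match with `$(NF-3) ~ ENVIRON["state"]` and a pattern assembled from `ENVIRON["host"]` and `ENVIRON["service"]` (ENVIRON, unlike `-v`, does not process backslash escapes). `$timeSel` is built outside the visible hunks and would presumably need the same treatment. Separately, the new `sub()` calls colour WARNING with `\x1b[31m` and CRITICAL with `\x1b[33m`, the reverse of the removed sed line, and UNREACHABLE/DOWN follow the same pattern; if that is not intended, exchange the two codes.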
