Version pulled from 192.168.1.19 at this time
commit
fd0cc6cd34
@ -0,0 +1,123 @@
|
||||
#!/bin/bash
|
||||
|
||||
nagBase="/usr/local/nagios"
|
||||
nagLog="$nagBase/var/nagios.log"
|
||||
archives="$nagBase/var/archives"
|
||||
|
||||
# [fromTime] aSource aType: host;service;state;severity;num;text
|
||||
|
||||
#fromTime=`date -d "" +"%s"`
|
||||
file="$nagLog"
|
||||
fromTime=""
|
||||
toTime=""
|
||||
noTime=""
|
||||
host=""
|
||||
service=""
|
||||
state=""
|
||||
severity=""
|
||||
num=""
|
||||
# These two need to be regexp wildcards to match everything when nothing is specified
|
||||
aSource=".*"
|
||||
aType=".*"
|
||||
|
||||
print_help() {
|
||||
echo "Usage:"
|
||||
echo " -d (debug mode)"
|
||||
echo " -m <machine>"
|
||||
echo " -s <service>"
|
||||
echo " -f <from time>, default=today at midnight"
|
||||
echo " -t <to time>, default=now"
|
||||
echo " -y <#> (subtracts # days from times specified"
|
||||
echo " -x Skip remaining match checks and print all records in date range"
|
||||
echo " -n <#> selects the alert number, no default"
|
||||
echo " -T <type (HARD, SOFT)>, no default"
|
||||
echo " -w <warning type (OK, WARNING, CRITICAL, UNKNOWN)> no default"
|
||||
echo " --src|--source <alert source (HOST, SERVICE)>, default=SERVICE"
|
||||
echo " --type <alert type (ALERT, EVENT, NOTIFICATION)>, no default"
|
||||
echo " -q prints a quick report (doesn't print extended deatils)"
|
||||
echo " -r Cancels all other selections except for times, and looks for restarts"
|
||||
echo "All input is evaluated as a regexp for pattern matching."
|
||||
echo "Time values can be in the following formats:"
|
||||
echo " HH:MM[:SS] MM/DD/YYYY MM/DD/YYYY HH:MM[:SS] -2 (ie, two days ago)"
|
||||
echo "So to see yesterday's critical service alerts, try this:"
|
||||
echo " $0 [-A SERVICE] [-a ALERT] -f 00:00 -t 23:59 -y 1"
|
||||
echo "The logic for scanning which files to search relies upon Nagios rotating log"
|
||||
echo "files once per day, at midnight. This causes a \"LOGFILE ROTATE\" message to"
|
||||
echo "occur in the logfile, which this program uses to determine if the logfile could"
|
||||
echo "contain valid information for the date range specified on the command line."
|
||||
echo "While this dramatically speeds up file processing time, it could lead to skipped"
|
||||
echo "data if the Nagios logfile rotation schedule is ever changed."
|
||||
exit;
|
||||
}
|
||||
|
||||
while [ -n "$1" ]; do
|
||||
case "$1" in
|
||||
--help) print_help;;
|
||||
--file) file="$2"; shift 2;;
|
||||
-h|--host) host="$2"; shift 2;;
|
||||
-s|--service) service="$2"; shift 2;;
|
||||
--state) state="$2"; shift 2;;
|
||||
--hard) severity="HARD"; shift 1;;
|
||||
--soft) severity="SOFT"; shift 1;;
|
||||
--sev|--severity) severity="$2"; shift 2;;
|
||||
-n|--num) num="$2"; shift 2;;
|
||||
-t|--type) aType="$2"; shift 2;;
|
||||
--src|--source) aSource="$2"; shift 2;;
|
||||
-f|--from) fromTime="$2"; shift 2;;
|
||||
--to) toTime="$2"; shift 2;;
|
||||
--notime) noTime="true"; shift 1;;
|
||||
*) shift 1;;
|
||||
esac
|
||||
done
|
||||
|
||||
# $1 ; $2 ; $3 ; $4 ; $5; $6
|
||||
# [fromTime] aSource aType: host;service;state;severity;num;text
|
||||
# [1690749418] HOST ALERT: Security Cameras;DOWN;SOFT;1;CRITICAL - 192.168.1.88: rta nan, lost 100%
|
||||
# [1690765779] SERVICE ALERT: DD-WRT;Port: vlan1 Bandwidth;CRITICAL;SOFT;4;CRITICAL - Current BW in: 8.22Mbps Out: 1.58Mbps
|
||||
# [1690765838] SERVICE ALERT: DD-WRT;Port: vlan1 Bandwidth;OK;SOFT;5;OK - Current BW in: .23Mbps Out: .15Mbps
|
||||
|
||||
files=""
|
||||
if [ -n "$fromTime" ]; then
|
||||
fromTime=`date -d "$fromTime" +"%s"`
|
||||
for file in $archives/nagios-??-??-????-00.log; do
|
||||
fdate=`stat -c "%Y" $file`
|
||||
[ "$fdate" -lt "$fromTime" ] && continue
|
||||
files="$files $file"
|
||||
done
|
||||
else
|
||||
files="$nagLog"
|
||||
fi
|
||||
if [ -n "$toTime" ]; then
|
||||
toTime=`date -d "$toTime" +"%s"`
|
||||
fi
|
||||
|
||||
#awkScript=`mktemp`
|
||||
#echo -n "//" >> $awkScript
|
||||
#[ -n "$fromTime" ] && echo -n " && substr (\$1, 2, 10) >= $fromTime" >> $awkScript
|
||||
#[ -n "$toTime" ] && echo -n " && substr (\$1, 2, 10) <= $toTime" >> $awkScript
|
||||
#echo -n " && \$1~/\[[0-9]+] $aSource $aType: $host/" >> $awkScript
|
||||
#[ -n "$service" ] && echo -n " && \$2~/$service/" >> $awkScript
|
||||
#[ -n "$state" ] && echo -n " && \$3~/$state/" >> $awkScript
|
||||
#[ -n "$severity" ] && echo -n " && \$4~/$severity/" >> $awkScript
|
||||
#[ -n "$num" ] && echo -n " && \$5~/$num/" >> $awkScript
|
||||
#[ -z "$noTime" ] && echo " && sub (/^\[[0-9]{10}]/, strftime (\"%Y-%m-%d %H:%M:%S\", substr (\$1, 2, 10)), \$1)" >> $awkScript
|
||||
#gawk -F\; -f $awkScript $files
|
||||
#rm $awkScript
|
||||
|
||||
timeSelFrom=""
|
||||
timeSelTo=""
|
||||
[ -n "$fromTime" ] && timeSel=" && substr (\$1, 2, 10) >= $fromTime"
|
||||
[ -n "$toTime" ] && timeSel=" && substr (\$1, 2, 10) <= $toTime"
|
||||
|
||||
svcSel=""
|
||||
if [ -n "$host" ]; then
|
||||
if [ -n "$service" ]; then
|
||||
svcSel=" && \$2~/$service/ && \$3~/$state/"
|
||||
else
|
||||
svcSel=" && \$2~/$state/"
|
||||
fi
|
||||
else
|
||||
svcSel=" && \$2~/$state/ || \$3~/$state/"
|
||||
fi
|
||||
|
||||
awk -F\; "/^\[[0-9]+] $aSource $aType: .*$host.*;/ $svcSel {print}" $files
|
||||
Loading…
Reference in New Issue