Git Product home page Git Product logo

sensu-plugins-logs's People

Contributors

analytically avatar avifried1 avatar avihay-av avatar cgeers avatar dependabot-preview[bot] avatar eheydrick avatar hartmantis avatar hillaryfraley avatar jhshadi avatar jspaleta avatar majormoses avatar mattyjones avatar mjulian avatar nlopes avatar sstarcher avatar tas50 avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

sensu-plugins-logs's Issues

Compatibility with CentOS?

I've installed sensu-plugins-logs as a Sensu Go asset via Bonsai, and I've hit a bit of a snag with running checks on our CentOS systems, namely that they don't pick up the asset.

It looks like this is because the filter expression in the asset definition is checking entity.system.platform for the value 'rhel', but this key contains 'centos' on the systems in question. I've noticed that most of the other plugins we're using are checking entity.system.platform_family, which does contain 'rhel'.

Is this by design because of a compatibility issue, or is this something that could potentially be changed?

Versions of things: CentOS 7.7, Sensu Go 5.18.1, sensu-plugins-logs 4.0.0

Release 0.0.3

Please release 0.0.3 here on github and on rubygems...

Support in log entries with multiple lines

I have few application i would like to monitor with application logs that the log entries have multiple lines. i would like for the check-log check to read not only one line but to read the whole log entry to match or exclude against the patterns i supplied.

is this possible?

Dependabot can't resolve your Ruby dependency files

Dependabot can't resolve your Ruby dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Bundler::GemNotFound with message: Could not find gem 'kitchen-localhost (~> 0.3)' in any of the gem sources listed in your Gemfile.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

You can mention @dependabot in the comments below to contact the Dependabot team.

check_log configuration issues

Hi,

I'm using the check_log to check my logfiles on certain keywords, for example "error". If a new error is written to the log file, sensu gives me an error. After a couple of seconds, the critical error disappears. How should I configure my check in order to check the log file on a word like ERROR and that the error stays as long the error exists in the log file?

My check looks a bit like this:

{
  "checks": {
    "check_log": {
      "command": "/etc/sensu/plugins/check-log.rb -f /opt/test/logs/testDocker.log -q 'ERROR'",
      "interval": 10,
      "subscribers": ["subscriber1"]
    }
  }
}

Thanks in advance

Dependabot can't resolve your Ruby dependency files

Dependabot can't resolve your Ruby dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Bundler::GemNotFound with message: Could not find gem 'kitchen-localhost (<= 0.3.0, >= 0.3)' in any of the gem sources listed in your Gemfile.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

You can mention @dependabot in the comments below to contact the Dependabot team.

I don't understand what the `--crit` and `--warn` flags are supposed to do

I don't know how to interpret "Critical/Warning level if pattern has a group."

It seems like --crit N would only trigger a critical event if the check found N or more matching lines.
It seems like --warn-only --warn N would trigger a warning event if the check found N or more matching lines.

These don't work for me as expected, and don't seem relevant to the code at all. Was a breaking change in Ruby that's affecting this? I'm using Ruby 2.3.1, and it seems like it's impossible to get in to the if m[1] clause at https://github.com/sensu-plugins/sensu-plugins-logs/blob/master/bin/check-log.rb#L192.

If I'm misunderstanding the intended use of --crit and --warn, what are they intended to do?

If my interpretation is correct, I'm happy to submit a PR to update them (it's pretty much ready to go). But I worry that it could be a breaking change for existing implementations.

No File option

I was wondering if we can have a new option for the check-logs.rb plugin, since I'm running into a new issue in my env.
Can we have an option to not alert if the file is not present?

Please let me know
Thank you
Devon

A flag to ignore traversing a log file on initial read

First, thank you for the ruby plugin.

I would like to suggest the capability to ignore the initial search on a log file. This is option is important when you are starting to watch an existing log file which in some cases are extremely large in size. The initial read takes a higher that normal amount of cpu and memory to traverse the file. This new option would give the check-log.rb the capability to commerce monitoring from the last line / end of file position line in the file.

Feature Request: Include flag for Context in Check_log.rb

Per user feedback: Having a flag to return number of lines before and/or after from a matching pattern line.

This will give user added context in instances where you have, as an example, a stack trace in the log file and may need the previous 15 lines or so for context.

Plugin copies the file to /var/cache folder and does its checking

To get this working, I had to add sensu user to the adm group so that I can address /var/log/auth.log. But for some reason I started to get Permission Denied for /var/cache/check-log/.../var/log/auth.log. I had to give chmod 777 access (without -R) to /var/cache/check-log/.../var/log/auth.log to get it to work. Ideally adding sensu user to root group should have done the trick.

Please help me solve this issue without having to do chmod on /var/cache/check-log/.../var/log/auth.log.

check-journal.rb lauch journalctl with embeded library

check-journal.rb lauch journalctl with library path pointing to embeded library.
So journalctl returns :

journalctl: /var/cache/sensu/sensu-agent/ff3ba13e1a20f89eaac7613fc2c072a8a355918dbaf158b8d1565ebf02d066f3382dde872c1d80002ded762d8a3a860ccce20410b8d
edb47b69fd7038e918dde/lib/libcrypt.so.1: version `XCRYPT_2.0' not found (required by /lib/systemd/libsystemd-shared-245.so)
journalctl: /var/cache/sensu/sensu-agent/ff3ba13e1a20f89eaac7613fc2c072a8a355918dbaf158b8d1565ebf02d066f3382dde872c1d80002ded762d8a3a860ccce20410b8d
edb47b69fd7038e918dde/lib/libcrypt.so.1: version `XCRYPT_4.4' not found (required by /lib/systemd/libsystemd-shared-245.so)

Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal

Workaround can be add LD_LIBRARY_PATH= in front of journalctl cmd
So the command is LD_LIBRARY_PATH= journalctl #{journalctl_args}

Update README

Updating the README.md with

  • Basic functionality is documented
  • Examples are documented: At least one per script
  • Has a license
  • Platforms

check-log.rb clobbers state file

when specifying a directory with -s to store the state file, the check naively assumes that there is only a single check against the given file.

If you are monitoring /var/log/nginx/access.log for instances of http_status=502 and specify -s /tmp, then a state file containing the last scanned line number gets created as /tmp/var/log/nginx/access.log.

The problem comes when you attempt to create a second check, say for instances of http_status=503 and specify the same -s /tmp directory. the two checks will end up clobbering the other's files, and detection of the regex match will be inconsistent and unreliable.

Perhaps the file's contents should contain the check name as well, i.e. /tmp/var/log/nginx/access.log should contain two lines, such as:

check_http_502:80105
check_http_503:79940

Documentation lacking

I wonder why all sensu plugins have this common issue in them. Documentation is so lacking. How can a documentation just have 3 lines in it for 4 commands that are provided ? How come the options and tricks and tips are just not mentioned ? We have to google like crazy to find anything regarding the plugin.

You have 4 files
bin/check-journal.rb
bin/check-log.rb
bin/handler-logevent.rb
bin/handler-show-event-config.rb

And your doc has
{
"logevent": {
"eventdir": "/var/log/sensu/events",
"keep": 10
}
}

What am I missing, why isn't anyone else complaining. I am sure I am missing something really silly here. I found something useful in a issue, #1

Sorry to sound so frustrated, but all sensu plugins have the EXACT same issue. Each and every one of them. Please correct me if I am wrong here.

Dependabot can't resolve your Ruby dependency files

Dependabot can't resolve your Ruby dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Bundler::GemNotFound with message: Could not find gem 'kitchen-localhost (~> 0.3)' in any of the gem sources listed in your Gemfile.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

You can mention @dependabot in the comments below to contact the Dependabot team.

Dependabot can't resolve your Ruby dependency files

Dependabot can't resolve your Ruby dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Bundler::GemNotFound with message: Could not find gem 'kitchen-localhost (<= 0.3.0, >= 0.3)' in any of the gem sources listed in your Gemfile.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

You can mention @dependabot in the comments below to contact the Dependabot team.

New release and new gem

Hi,
When is a new release planned for the plugin? Since the last release on March 12 2016 there have been a couple of fixes made to the plugin.
I install all plugins as gems on my servers, is there some better way to get the latest fixes other than waiting for new gem to be released?

Large output returned from the plugin causing sensu server to hang

We encounter some issue when a large amount of errors has been written to the log and the --return flag is set all. the matched errors in the log are collected and sent in the response body sent to the sensu server. few times we encounter a very large response that caused the sensu server to hang.

We might want to implement an option to limit the number of errors in order to avoid large output sent to the sensu server.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.