Skip to main content

Configure Nagios Core for Log Monitoring

Hands-On Lab

 

Photo of

Training Architect

Length

01:00:00

Difficulty

Intermediate

No matter how well we set up our infrastructure, eventually something will go wrong that needs to be fixed. When that happens, the first step is to check the logs for errors and warnings. In this hands-on lab, we will create a Nagios service that monitors the logs for errors and warnings using the check_log plugin.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Configure Nagios Core for Log Monitoring

Introduction

No matter how well we set up our infrastructure, eventually something will go wrong that needs to be fixed. When that happens, the first step is to check the logs for errors and warnings. In this hands-on lab, we will create a Nagios service that monitors the logs for errors and warnings using the check_log plugin.

Connecting to the Lab

  1. Open your terminal application, and run the following command (remember to replace PUBLIC_IP with the public IP you were provided on the lab instructions page):
    ssh cloud_user@PUBLIC_IP
  2. Enter yes at the prompt.
  3. Enter your cloud_user password at the prompt.

Define Two Command Objects that Check the Logs for Errors and Warnings

  1. Change to the /etc/objects/ directory.
    cd /usr/local/nagios/etc/objects/
  2. List the contents of the directory.
    ls
  3. View the last few lines of the file LogFile.log.
    tail -f /home/cloud_user/LogFile.log
  4. Open the commands.cfg file.
    sudo vim commands.cfg
  5. Enter your cloud_user password at the prompt.
  6. In the vim text editor, add the following text:

    define command {
    
          command_name    check_log_error
          command_line    /usr/local/nagios/libexec/check_log -F /var/log/messages -O /home/nagios/check_log.error -q "error"
    
    }
    
    define command {
    
          command_name    check_log_warning
          command_line    /usr/local/nagios/libexec/check_log -F /var/log/messages -O /home/nagios/check_log.warning -q "warning"
    
    }
    
  7. Press Esc to exit Insert mode, then type :wq to save and exit the file.

Define the Two Services

  1. Open the file localhost.cfg.
    sudo vim localhost.cfg
  2. Scroll to the bottom of the file, and add the following text:

    define service {
    
          use                     local-service
          host_name               localhost
          service_description     Check Log Error
          check_command           check_log_error
    
    }
    define service {
    
          use                     local-service
          host_name               localhost
          service_description     Check Log Warnings
          check_command           check_log_warning
    
    }
  3. Press Esc to exit Insert mode, then type :wq to save and exit the file.

Give the nagios User Read Permissions for /var/log/messages

  1. Run the following command:
    sudo setfacl -R -m u:nagios:r-- /var/log/messages

Restart and Log In to the Nagios Server

  1. Restart the Nagios server.
    sudo systemctl restart nagios
  2. Open a new private browser tab, and navigate to http://NAGIOS_SERVER_IP/nagios.
  3. At the prompt, enter the following login credentials:
    • User Name: nagiosadmin
    • Password: BlaBla321
  4. Click Services in the left sidebar.
  5. Click the Check Log Warnings service.
  6. Under Service Commands, click Re-schedule the next check of this service.
  7. Next to Check Time, enter a time approximately 10-20 seconds from now (if needed, check the current time using the date command in your terminal window).
  8. Click Commit, then Done.
  9. Verify that there are no errors under Status Information.

Conclusion

Congratulations, you've successfully completed this hands-on lab!