op5 Monitor to op5 LogServer integration


Introduction	You can use op5 Monitor to query op5 LogServer on how many matches a filter return and then throw OK\|WARNNG\|CRITICAL values depending on the information returned. You can also get a url in your Monitor window that points to the op5 LogServer with the current filter checked.


Prerequisites	Before you begin you need to have op5 Monitor and op5 LogServer configured and up and running. op5 Monitor Updated to latest release op5 LogServer Updated to latest release A user created with access to the filters you will use One or more working filters Note: Avoid spaces in your filtername.

Monitor check-commands

Add the required check-commands, if they don't already exist in your configuration. ('Configure' -> 'Check Commands' -> 'New command'):

command_name	command_line
check_logserver_filter	$USER1$/check_ls_log -r <logserverhost> -l <user> -p <password> -f "$ARG1$" -i 10 -w $ARG2$ -c $ARG3$
check_logserver_filter_interval	$USER1$/check_ls_log -r <logserverhost> -l <user> -p <password> -f "$ARG1$" -i $ARG2$ -w $ARG3$ -c $ARG4$
check_logserver_host_filter	$USER1$/check_ls_log -r <logserverhost> -l <user> -p <password> -f "$ARG1$" -H "$ARG2$" -i $ARG3$ -w $ARG4$ -c $ARG5$

Note: <user> and <password> must be a valid user/password in op5 Logserver.

Service example

service_description	command_name	command_line
Failed Logins Total	check_logserver_filter	<filter>!<warn>!<crit> Ex: Failed_Logins!14!29
Failed Backup Jobs (24hours)	check_logserver_filter_interval	<filter>!<interval min>!<warn>!<crit> Ex: Failed_Backup_Jobs!1440!0!0
Critical Events	check_logserver_host_filter	<hostname>!<filter>!<interval>!<warn>!<crit> Ex: w2k3srv01!Critical!15!0!2
Failed Logins	check_logserver_host_filter	<hostname>!<filter>!<interval>!<warn>!<crit> Ex: linuxserver01!Failed_Logins!20!2!9


Author	Mattias Ryrlén Product Support Engineer op5 Support