Hello everyone,
in our company we are currently running check_mk with SNMP setup.
So far I’ve never seen this kind of setup and therefore I’m a bit clueless about how to integrate logfile checks.
The task is to periodically check a logfile on a specific pattern and alert if the pattern has been found.
Usually I’ve implemented such checks using check_logfiles:
Hi,
you can integrate SNMP within the Event Console. SNMP and Logsfile are event driven, so the best way is to use an event receiver.
Cheers,
Christian
Hi Christian,
thanks for your quick answer, that means we would have to forward our logfiles to the check_mk server
rather to analysing the logfiles on the host itself?
Isn’t there any way of searching the patterns on the monitored host itself?
Thanks and regards
Jörg
Anyone, I’m somehow quite stuck 
Hi Jo3rg,
Maybe not a definitive answer, but I would assume you are sending logs to a syslog server.
You could possible install the check_mk agent and logwatch plugin on the syslog server. Then configure /etc/check_mk/logwatch.cfg to monitor normal text files for Error/Warning/Down …
You can also send syslogs logs directly to Check_MK Event Console and create rules to alert, but not used this method myself yet. (Job to do)
I’m sure someone else can add to the discussion.
HTH
Andy
Yes
With SNMP alone you have no possibility to check log files.
The only exceptions are devices storing the events in own tables inside the MIB tree.
But this will not working for monitoring servers with SNMP.
One Question and comment to your original post - why is the server monitoring done with SNMP?
The data you get from SNMP for memory and cpu are useless and process monitoring is a “pain in the ass” 
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.