Monitoring logfiles on Windows with Check MK

From Levy

Revision as of 14:23, 5 August 2021 by Louis (talk | contribs) (Created page with "== Introduction == While Check_MK does an excellent job of monitoring the Windows logs in the Windows log facility, it gets a bit trickier to monitor plain text files of appli...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Introduction

While Check_MK does an excellent job of monitoring the Windows logs in the Windows log facility, it gets a bit trickier to monitor plain text files of applications that do not log to the Windows log.

Solution

In the 1.6 release of Check_MK a plugin to do this task was provided. However in 2.0 and higher this executable was removed. So here we're going to use the executable from Check_MK 1.6p25. After that the configuration is quite straight forward.

First, download the the mk_logwatch plugin from here: mk_logwatch.zip. Unzip it and place mk_logwatch.exe in the plugins directory of the Windows server (typically C:\ProgramData\checkmk\agent\plugins)

Now that the plugin is in place we need to create a configuration file for it. Create the file logwatch.cfg in C:\ProgramData\checkmk\agent\config. Just as on Linux you tell the system what logfiles to monitor and what regular expressions should trigger the monitoring system. Below is an exmaple: 

D:\MyApplication\log\MyApp.log
 I OK
 W Warning
 C Error

This tells Check_MK to monitor D:\MyApplication\log\MyApp.log and generate Informational, Warning or Critical messages based on the regular expression that follows.

Retrieved from ‘https://wiki.wevers.tv:8443/index.php?title=Monitoring_logfiles_on_Windows_with_Check_MK&oldid=77