monit-general
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Monitoring logs

From: Petra Humann
Subject: Re: Monitoring logs
Date: Fri, 4 Mar 2016 09:37:02 +0100 
Hello Martin,

from monit.log:

> [CET Mar  2 08:23:11] info     : 'syslog' start on user request
> ...
> [CET Mar  2 08:23:41] error    : 'syslog' content match [Mar  2 06:28:25 host 
> kernel: matching content
> ….
> [CET Mar  2 08:23:41] error    : 'syslog' content match [Mar  2 07:54:44 host 
> kernel: matching content


Is it possible to scan the file not from beginning, but from 'syslog‘ starting 
time
to get only new matching entries?

> Am 02.03.2016 um 15:05 schrieb Martin Pala <address@hidden>:
> 
> monit saves the log file position in the state file (by default stored in 
> ~/.monit.state). If the inode changes, or size of the file shrinks, the 
> position is reset.
> Please check if your state file is stored in a persistent filesystem. 

Here is all okay.

>> On 02 Mar 2016, at 10:03, Petra Humann <> wrote:
>> 
>> I’m monitoring syslog with
>> 
>> check file syslog with path /var/log/syslog
>>      stop program = "/usr/bin/ssh remote /sbin/cmd parameter"
>>      start program = "/bin/true"
>>      if match „some string" then restart
>> 
>> Two problems:
>> If I start monitoring, the whole syslog is scanned from beginning 
>> and not from the monit start time.
>> If the condition occurs, I see in the logs of the remote system
>> the login, but the command "/sbin/cmd parameter“ is not always
>> executed….
Solved. This was not a monit problem.

>> The system is an actual Debian Jessie LTS.

Thank you very much.
Petra Humann

Attachment: smime.p7s
Description: S/MIME cryptographic signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]