Avoid complicated, expensive & unfocused tools - Install LOGROBOT specifically to Generate Reliable Notification Alerts on an unlimited number of log files on as many UNIX hosts & servers as is necessary!

Screenshots for Nagios Users: Set up notification alerts on all log files - Monitor time stamps, log contents & size, Alert if log file suddenly no longer exists (if deleted or not created), Alert if log lacks proper permissions, etc.

Increase awareness to network infrastructure problems with fast detection of outages, Generate actionable alerts on Application specific issues / events, Database errors, System problems, Abnormal log behavior and more!

Screenshots for Cacti Users: Graph & Beautify your log file activities - Visually inspect the graphs of all your monitored logs - Easily identify Rises & Drops in the frequency of entries

For these particular graphs, LOGROBOT scans a unique log file every 5 minutes. The log file is written to by an application several times a minute. LOGROBOT scrapes the log at five-minute intervals and pulls out all information written to it within that time frame. From the 5 minutes' worth of data retrieved after scanning, LOGROBOT graphs the number of lines it finds that contain "hostname.*SUCCESS" or "hostname.*FAILURE" ("hostname" = name of a server). The GREEN graph shows the number of lines found containing "hostname.*SUCCESS". The RED graph shows the Failures. The middle graph shows an Aggregate of both graphs.

Scan / Monitor log files for user-defined entries & EXCLUDE specific lines from the results
Case Scenario: Within the last 30 minutes, find out how many lines in the log file [ /var/log/app.log ] contain both entries of "ERROR" and "Client". If any lines are found containing these two strings (ERROR.*Client), take note of that. From the list of lines found, see if there are any lines that also contain the keywords "error 404" OR "updateNumber". If there are, remove them from the list. After removing them, show me what is left. If the number of lines left is between 5 and 9, alert as WARNING. If equal to or over 10, alert as CRITICAL. If below 5, do not alert!
Command: logrobot autofig /var/log/app.log 30 'ERROR.*Client' '(error 404|updateNumber)' 5 10 -show
Monitor log files for certain entries - ALERT IF those entries are NOT found
Case Scenario: For instance, within the last 30 minutes, if LOGROBOT does not find at least 2 lines containing the words "Success" and "Client" and "returned 200" OR "update:OK" in the log file, it must alert. In other words, the lines to search for MUST contain both words Success & Client (Success.*Client) AND one or both of the strings "returned 200" and "update:OK".
Command: logrobot autofig /var/log/app.log 30 'SUCCESS.*Client' '(returned 200|update:OK)' 2 2 -notfoundn
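The two case scenarios above, written out as an added shell example with standard tools. This is not LOGROBOT code or LOGROBOT syntax: check_log and write_sample_log are hypothetical names, the log lines are constructed, and the time window is assumed to have been applied before the file is checked.

```shell
#!/bin/sh
# Added example, not LOGROBOT code: check_log and write_sample_log are
# hypothetical names. Selecting the time window (e.g. the last 30 minutes)
# is assumed to happen upstream; FILE holds only in-window lines.

# check_log FILE MUST_RE ALSO_RE EXCLUDE_RE WARN CRIT MODE
#   A line counts when it matches MUST_RE and ALSO_RE but not EXCLUDE_RE
#   (pass '.' as ALSO_RE to accept every line, '' for no exclusions).
#   MODE=found    : WARNING at >= WARN lines, CRITICAL at >= CRIT lines
#   MODE=notfound : CRITICAL at <  CRIT lines, WARNING at <  WARN lines
# Prints a one-line status and returns the Nagios exit code (0/1/2/3).
check_log() {
    file=$1; must=$2; also=$3; exclude=$4; warn=$5; crit=$6; mode=$7
    if [ ! -r "$file" ]; then
        echo "UNKNOWN - cannot read $file"
        return 3
    fi
    # Patterns travel through the environment so awk does not reinterpret
    # backslashes the way -v assignments do.
    count=$(MUST="$must" ALSO="$also" EXCL="$exclude" awk '
        $0 ~ ENVIRON["MUST"] && $0 ~ ENVIRON["ALSO"] {
            if (ENVIRON["EXCL"] != "" && $0 ~ ENVIRON["EXCL"]) next
            n++
        }
        END { print n + 0 }' "$file")
    status=0
    if [ "$mode" = notfound ]; then
        if [ "$count" -lt "$crit" ]; then status=2
        elif [ "$count" -lt "$warn" ]; then status=1
        fi
    else
        if [ "$count" -ge "$crit" ]; then status=2
        elif [ "$count" -ge "$warn" ]; then status=1
        fi
    fi
    case $status in
        0) label=OK ;;
        1) label=WARNING ;;
        2) label=CRITICAL ;;
    esac
    echo "$label - $count matching line(s) in $file"
    return "$status"
}

# Constructed sample: 8 ERROR/Client lines (2 of them noise), 2 SUCCESS lines.
write_sample_log() {
    cat > "$1" <<'EOF'
Apr 14 03:01:10 app1 ERROR Client 10.0.0.5 timeout contacting backend
Apr 14 03:02:11 app1 ERROR Client 10.0.0.6 error 404 on /favicon.ico
Apr 14 03:03:12 app1 ERROR Client 10.0.0.7 session store unavailable
Apr 14 03:04:13 app1 ERROR Client 10.0.0.8 updateNumber rejected
Apr 14 03:05:14 app1 ERROR Client 10.0.0.9 timeout contacting backend
Apr 14 03:06:15 app1 ERROR Client 10.0.0.5 TLS handshake failed
Apr 14 03:07:16 app1 ERROR Client 10.0.0.6 session store unavailable
Apr 14 03:08:17 app1 ERROR Client 10.0.0.7 timeout contacting backend
Apr 14 03:09:18 app1 SUCCESS Client 10.0.0.5 returned 200
Apr 14 03:10:19 app1 SUCCESS Client 10.0.0.6 returned 302
Apr 14 03:11:20 app1 INFO heartbeat
EOF
}

sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
write_sample_log "$sample"
# Scenario 1: errors minus known noise, WARNING at 5, CRITICAL at 10.
check_log "$sample" 'ERROR.*Client' '.' '(error 404|updateNumber)' 5 10 found && rc=0 || rc=$?
echo "exit code: $rc"
# Scenario 2: alert when fewer than 2 expected success lines are present.
check_log "$sample" 'SUCCESS.*Client' '(returned 200|update:OK)' '' 2 2 notfound && rc=0 || rc=$?
echo "exit code: $rc"
```

The "not found" mode is the one that catches a log that has gone quiet, which a pure error-pattern check reports as healthy.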
Scan Log files for specific entries & display results to the screen
This is particularly helpful in cases where you might want to see the actual lines that contain the patterns you instructed the tool to search for.
Example: logrobot autofig /var/log/app.log 30 'ERROR.*Client' '(error 404|updateNumber:OK)' 5 10 -show
Example: logrobot autofig /var/log/app.log 30 'SUCCESS.*Client' '(returned 200|update:OK)' 5 10 -show
Scan log files for minutes, hours, days, weeks or months worth of data
For instance, to pull out 2 weeks of information from within a large log file and to find out how many lines contain certain strings and patterns, you can run a command similar to this:
Example: logrobot autofig /var/log/app.log 2w 'ERROR|error|panic|fail' 'ERROR|error|panic|fail' 5 10 -foundn
Notice the [ 2w ]. Also notice the strings being searched for. I repeated the strings 'ERROR|error|panic|fail' twice because there is no need to specify different search terms to look for. You don't have to repeat the first string. You can just enter a dot in its place for the second string, i.e.:
logrobot autofig /var/log/app.log 2w 'ERROR|error|panic|fail' '.' 5 10 -foundn
From this specific example, I'm telling LOGROBOT that I care about EVERY single line that contains any of the keywords I provided. The [ 2w ] of course means 2 weeks.
See below for the different ways of specifying the date range:
5m = 5 minutes (changeable to any number of minutes)
10h = 10 hours (changeable to any number of hours)
2d = 2 days (changeable to any number of days)
2w = 2 weeks (changeable to any number of weeks)
3mo = 3 months (changeable to any number of months)
Suppose you inherited a UNIX environment at your new job and don't know what to search for in the logs, here's an idea; instead of worrying about what to watch for, why not force the logs to reveal their hidden contents?
In the example below, LOGROBOT was instructed to search the entire messages file (denoted with the '.'). Then, it is to ignore every line that contains any one of these specific strings: 'nagios-primary nagios' OR 'not responding' OR 'synchronized to'. Whatever lines are left after these THREE patterns are ignored should be outputted to the screen.
The logic here is: if you can identify which entries in the logs are of NO importance to you, you can exclude them from being monitored. Therefore, if a log file is stripped of the familiar/unwanted, whatever is left will be unfamiliar, thus requiring investigation.
General LOGROBOT Syntax: /bin/logrobot autofig (logfile) (time-in-minutes) '(string1)' '(string2)' (warn) (critical) (-foundn)
Basic Usage:
[root@monitor jbowman]#
2---240---108---ATWFILF---(Apr/13)-(03:35)---(Apr/14)-(03:35:23)
So now let's break this down:
logrobot is the tool name.
autofig is an option that is passed to the logrobot tool to tell it what to do. In this particular case, autofig is instructing logrobot to "automatically figure out" what type of log file /var/log/messages is and, if the format of the log file is supported, perform the remaining functions.
/var/log/messages is of course the log file.
1440 is the number of previous minutes you want to search the log file for. 1440 = last 24 hours.
"ntpd" is one of the strings that is in the lines of logs that you're interested in.
"stratum" is another string on the same line that you expect to find the "ntpd" string on. Specifying these two strings (luance and Err1310) isolates and processes the lines you want a lot quicker, particularly if you're dealing with a huge log file.
5 specifies Warning. By specifying 5, you're telling the program to alert as WARNING if there are at least 5 occurrences of the search strings you specified in the log file within the last 60 minutes.
10 specifies Critical. By specifying 10, you're telling the program to alert as CRITICAL if there are at least 10 occurrences of the search strings you specified in the log file within the last 60 minutes.
-foundn specifies what type of response you'll get. By specifying -foundn, you're saying that if anything is found that matches the specified strings within the 60 minute time frame, it should be regarded as a problem and printed out.
Summarized Explanation: As you can see, the logrobot tool is monitoring a log file. The arguments that are passed to the tool instruct it to do the following: Within the last 60 minutes, if the tool finds less than 5 occurrences of the specified strings in the log file, DO NOT alert. If the tool finds between 5 and 9 occurrences of the specified strings in the log, it'll alert with a WARNING. If the tool discovers 10 or more instances of the strings in the log within the last 60 minutes, it'll alert with a CRITICAL.
Now, let us look at the result of the command:
2---240---108---ATWFILF---(Apr/13)-(03:35)---(Apr/14)-(03:35:23)
There are 6 columns which are separated by 3 hyphens (---). The first column shows the exit code of the command you just ran. 0 means all is well. 1 means WARNING, which means LOGROBOT discovered conditions that fell under the WARNING specification you provided. 2 means CRITICAL, which means the worst case scenario has been reached.
In this particular example, here's what the output is telling us: You requested to have the /var/log/messages file scanned as far back as 24 hours ago (1440 minutes). The timeframe that was scanned was from [ April 13, 03:35 ] to [ April 14, 03:35 ]. After scanning through the records that were written to the log in that time frame, LOGROBOT found 108 lines that contained both strings of "ntpd" and "stratum 2". Also, as an FYI, the last date and time those specific strings were found in the log file was 240 seconds ago.
Monitor Any Log regardless of log format:
Alert if a specific pattern is found in a log file. In the alert, show offending/matching log lines:
Command: NagiosLogMonitor hostA logrobot autonda /var/log/syslog 60m 'kernel|panic' '.' 3 5 syslog_check -ndshow
Explanation:
Taking simplicity to a New level:
Instead of forcing users to read complex documentation, LOGROBOT provides real life examples of its usage right from the command line. Yes, REAL LIFE EXAMPLES! No guessing, no confusion, no scratching of the head. We strongly believe in simplicity and we take the extra steps many utilities refuse to take.
Example: [root@nagios-primary ~]# ./logrobot autofig
Who needs LOGROBOT?
Download LOGROBOT if you wish to:
More Features:
Monitors database logs for any error (mysql/oracle/etc) - Get notified on issues quickly
Monitors custom application Log Files on any Unix host, regardless of flavor
Alerts on the size / disk usage of files on your UNIX hosts - Prevent log file(s) from taking up space
Monitor timestamps of files (ensure specific logs are being updated regularly / frequently)
Scan Log files by time frames (i.e. previous 20 minutes, 60 minutes, 1 day, 1 week etc) - Precise!
Alert when expected record of events are NOT found in a log within a set period of time
In-Depth Analysis: scan logs for instances of unusual entries - Easily Identify bizarre log content
Monitor different log formats (including custom logs, not just the typical system files)
Scan logs for specific entries and exclude a list of user specified patterns from the result
Includes PHP Web Interface for viewing of log files on local and remote hosts
Allows for monitoring of all log files, even Windows files (mounted through NFS on a UNIX server)
Ability to specify multiple strings / patterns to watch for using Command line or Configs
Identify & Inform users on how long ago a particular string/pattern/keyword was last found
Remote Agent Included for the monitoring of logs on several hosts FROM ONE master
Automatically figures out conditions on which to recover alerts, based on log content & other variables
Simple, pluggable command-line parameters (no need for any confusing configuration files)
Automatically detects log file type and format without user intervention
Get notified via email of all events related to your log of choice on any server(s) you specify
Updated / Upgraded regularly to meet new demands from various clients, different companies
Other Specific Features:
Scan / Scrape / Monitor log files for any error
Monitor all logs in a specific directory
Point logrobot to ANY directory with just one check!
Avoid having to define separate checks for each log file
Specify the type of files to exclude / include in monitoring
Automate log checks via Nagios or CRONTAB
Get email alerts & notifications on all log checks
Access documentation directly from the CLI
Monitor log files for abnormal behavior/activity
Manage log file checks from a central location
Eliminate tedious administration
Avoid cumbersome maintenances
Adapts seamlessly to any custom scenario
Supported Log Files
Will all my logs be supported?
Yes, all log types / log formats are supported.
Some of the supported log files are listed below:
Tomcat Catalina.out logs
Apache Maxclient logs
Apache access logs
Apache error logs
OutOfMemory logs
JBoss log files
Java log files
Weblogic logs
Glassfish logs
Syslog log monitor
Maillog / Postfix / Syslog log files
Mysqld / Oracle Alert logs
Log4j
NEW FEATURE: Monitor any type of log file regardless of format
Monitor File Timestamps:
In the example below, the LOGROBOT tool is asked to check the timestamp of the /var/log/messages file. If this file is not updated in 10 minutes, alert as WARNING. If the file isn't updated in 20 minutes, alert as CRITICAL. If the latest update time of the file is under 10 minutes, do not ALERT at all. Just abort with a 0. The '290' tells (in seconds) how long ago the file was last written to.
[root@monitor jbowman]#
Monitor File Size:
In the next example below, LOGROBOT is being asked to monitor the size of the /var/log/messages file. If the size of the file is between 60 and 120 megabytes, it will alert as WARNING. If the size of the file is equal to or above 120 MB, it will alert as CRITICAL. Of course, if the reported file size is below 60, there are no issues to alert on. It will just abort with a 0. The 19:52 MB below denotes the current/latest size of the specified file.
[root@monitor jbowman]#
[root@monitor jbowman]# logrobot autodoc /var/log/messages 60 120 -filesize
Log Analysis:
Analyze Log Files Minute by Minute or Hour by Hour
If you wish to quickly identify, from your logs, what time period an issue occurred, logrobot can accomplish that for you effortlessly. The options to use are "-exceldm" and "-exceldh". These two options are designed specifically for minute by minute or hour by hour analysis.
EXAMPLE 1:
If you wanted to find out how many instances of your search patterns occurred each hour for the last 1 day, examine the below. The very first line of the output here tells us there are 2551 instances of the occurrence "CRITICAL" at the 6:00 hour. This immediately tells us it was in the 6:00 hour something serious happened.
[root@nagios-master ]# logrobot autofig /var/log/messages 1d 'CRITICAL' '.' 1 2 -exceldh
Example 1: Using Cacti, a log file on 6 different servers is being graphed for 500 related errors. Each server is tagged with a different color for easy identification.
Example 2: Using Cacti, a log file on 8 different servers is being graphed for 500 related errors. Each server is tagged with a different color for easy identification.
Artificial Log Intelligence - Instructing logs to reveal their hidden contents (by specifying a list of strings to ignore):
Show All entries logged in the [ kern.log ] log file within the last 2 HOURS:
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.831895] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.0/input/input34
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.863133] logitech 0003:046D:C517.001C: fixing up Logitech keyboard report descriptor
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.865367] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.1/input/input35
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint
2---3240---13---(Sep/20)-(16:49)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08) NAGC
Scan through the above output and show ONLY lines that contain the strings "USB HID":
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
2---3420---3---(Sep/20)-(16:52)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08) NAGC
Search through the [ kern.log ] file. Find out which HOUR within the last 8 hours had the most entries logged:
frq=19,zsc=1.41421,asc=[Sep-20-(16)]
frq=13,zsc=-0.707106,asc=[Sep-20-(17)]
frq=13,zsc=-0.707106,asc=[Sep-20-(15)]
Search through the [ kern.log ] file once again. Find out which MINUTE(S) within the last 8 hours had the most entries logged:
frq=13,zsc=0.816496,asc=[Sep-20-(17:55)]
frq=13,zsc=0.816496,asc=[Sep-20-(16:16)]
frq=13,zsc=0.816496,asc=[Sep-20-(15:31)]
frq=3,zsc=-1.22474,asc=[Sep-20-(16:24)]
frq=3,zsc=-1.22474,asc=[Sep-20-(16:15)]
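The hour-by-hour and minute-by-minute rankings above can be reproduced with awk, shown here as an added example that is not LOGROBOT code. bucket_freq and write_sample are hypothetical names, the log lines are constructed to mirror the counts shown, and reading zsc as a population z-score of the bucket counts is an inference from the numbers displayed, not something the page documents.

```shell
#!/bin/sh
# Added example, not LOGROBOT code: bucket_freq and write_sample are
# hypothetical names, and the log lines are constructed.

# bucket_freq UNIT FILE   (UNIT is "hour" or "minute")
# Counts syslog-style lines ("Sep 20 17:55:06 host ...") per time bucket and
# prints frq/zsc/asc records, busiest bucket first. zsc is computed as the
# population z-score of the bucket count: (count - mean) / std deviation.
bucket_freq() {
    unit=$1; file=$2
    awk -v unit="$unit" '
        NF >= 3 {
            split($3, t, ":")                 # $3 is HH:MM:SS
            key = $1 "-" $2 "-(" t[1] (unit == "minute" ? ":" t[2] : "") ")"
            if (!(key in n)) order[++k] = key # remember first-seen order
            n[key]++
            total++
        }
        END {
            if (k == 0) exit
            mean = total / k
            for (i = 1; i <= k; i++) ss += (n[order[i]] - mean) ^ 2
            sd = sqrt(ss / k)
            for (i = 1; i <= k; i++) {
                # One bucket, or all-equal counts, has no spread: zsc is 0.
                z = (sd > 0) ? (n[order[i]] - mean) / sd : 0
                printf "frq=%d,zsc=%.4f,asc=[%s]\n", n[order[i]], z, order[i]
            }
        }' "$file" | sort -t= -k2,2nr
}

# Constructed input: HH:MM=count pairs chosen to mirror the counts above
# (13 lines at 15:31, 3 + 13 + 3 within hour 16, 13 lines at 17:55).
write_sample() {
    for spec in 15:31=13 16:15=3 16:16=13 16:24=3 17:55=13; do
        hm=${spec%=*}
        cnt=${spec#*=}
        i=0
        while [ "$i" -lt "$cnt" ]; do
            printf 'Sep 20 %s:%02d demo-host kernel: [constructed] event %d\n' \
                "$hm" "$i" "$i"
            i=$((i + 1))
        done
    done > "$1"
}

log=$(mktemp)
trap 'rm -f "$log"' EXIT
write_sample "$log"
echo "per hour:";   bucket_freq hour "$log"
echo "per minute:"; bucket_freq minute "$log"
```

A bucket whose z-score stands well above the rest is the time window to pull raw lines from first; with only a handful of buckets the score is a ranking aid rather than a statistical test.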
Show once again All entries recorded in the [ kern.log ] log file within the last 2 HOURS:
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.831895] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.0/input/input34
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.863133] logitech 0003:046D:C517.001C: fixing up Logitech keyboard report descriptor
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.865367] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.1/input/input35
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint
2---3960---13---(Sep/20)-(17:01)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08) NAGC
From the above output, exclude all lines that contain 'Logitech' and show me what is left:
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 jake-XPS-M1530 kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 jake-XPS-M1530 kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint
2---4320---(8)-(13)-(61.5385%)-(8)-(0)-(frq=8,zsc=0,asc=[Sep-20-(17:55)])---(Sep/20)-(17:07)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08) NAGCzzmm
To Receive EMAIL Notifications on log files, run this command (you can also place command in CRON for automated scheduling of log checks):
What is a Log File Monitor?
A log file monitor is a utility designed and built specifically to monitor and alert on messages produced by computer systems and the applications that run on them. In UNIX, the monitoring of log files is absolutely necessary, and for good reason. You see, the time of a Unix Professional is valuable. Few, if any, can afford to spend hours each day scouring through the many log files that are generated by systems and network applications. However, if you fail to quickly recognize the abnormal or fatal events chronicled in these log files, entire networks can be abused and/or removed from service, which can cost your company dearly, monetarily speaking. If you wish to monitor log files, there are basically [ 3 ] options available to you:
If you embark on a journey to write your own script, you have to understand that it will be an endeavor that will take years to complete, and that's assuming you're a skilled programmer. Monitoring log files goes far beyond simply watching the contents of files for specific errors. As time goes on, there will be new requirements, changes, and continuous requests for modifications which in the end, if the developer isn't creative, can lead to an unusable script - one that is not user friendly. If you choose to download the FREE log monitoring scripts that are available on the internet, you will quickly discover how ineffective they all are and how much work is necessary to get them to cooperate. If this is the option you choose to go with, you must ask yourself some very important questions:
The answers to these questions are usually depressing. Proceed with caution.
Characteristics of the Ideal Log Monitor: When searching for the right utility to use to monitor & alert on log files, what features should the perfect tool have? The ideal log monitor must be able to scan and monitor log files in a very short period of time, preferably in seconds (no matter how big the log file is). At the very least, the perfect log monitor must be able to:
While each feature listed here is important, it is worth noting that above all else, the perfect log monitoring utility must be easy to use. Users SHOULD NEVER have to spend too much time reading documentation before being able to use a piece of software. The more complex a utility is, the more likely it is to be used the wrong way or abandoned altogether. Imagine having to re-read the Instruction Guide of your Television remote control each time you wanted to use it. Can you picture the annoyance of that?
When it comes to log monitoring, ease of use is essential. I cannot stress this enough. The developer(s) must focus a great deal of effort on drastically limiting or even eliminating the need for configuration files. Also, the syntax of the tool must be easily comprehensible and applicable directly from the command line. This means, if a random user were to run the tool from the command line, there shouldn't be room for confusion. That user should be able to conveniently obtain whichever end result he/she was expecting WITHOUT having to read several pages of complex documentation. This is where the superiority of LOGROBOT comes into play.
LOGROBOT (also known as logXray) is a commercial Log Monitoring utility that is very easy to utilize. It is robust, seasoned and efficiently versatile like no other tool. It understands the overriding significance of log alerting and focuses on ensuring only valid alarms are generated for the log files it monitors. Installation wise, LOGROBOT does not require the addition of any nonnative modules or libraries to the system, which means you can install it freely on production servers without tampering with existing libraries or modules. LOGROBOT has a wide range of capabilities. It isn't limited to only scanning log file contents for errors. It can do virtually anything as long as it falls under the banner of log monitoring.
Additionally, LOGROBOT has years of real life situations, possibilities and conditions built into it, which basically means it is highly unlikely you will come up with a need that hasn't already been thought of and programmed into the tool. In the unlikely event that does happen, chances are, work is already in progress to address it. When it comes to keeping an unwavering eye on all important log files in your UNIX environment, you need ONE log monitoring tool, and LOGROBOT is that tool!
Configuring Logrobot with Nagios (if you have Nagios)
define command {
    # Arguments after $HOSTADDRESS$ are passed through from the service's check_command
    command_name NagiosLogMonitor
    command_line $USER1$/NagiosLogMonitor $HOSTADDRESS$ $ARG1$ $ARG2$ $ARG3$ $ARG4$ '$ARG5$' '$ARG6$' $ARG7$ $ARG8$ $ARG9$ $ARG10$
}
define service {
Frequently Asked Questions
What exactly can I do with LOGROBOT?
Is it easy to install LOGROBOT? Absolutely! With LOGROBOT, there's very little you have to do. Most UNIX tools often force users to manually edit configuration files, perform complex compilations and install packages or libraries that are unnatural to the UNIX system. With LOGROBOT, there is no need for that. All the manual work you would have had to do has already been automated and hard-coded into the installation script ( InstallAgent.sh ). Which means, all you have to do, after downloading the LOGROBOT zip file, is to just run one simple command and everything will be automatically set up in place for you.
In what other ways can LOGROBOT be used to scan, monitor and alert on log files: There are many different ways in which LOGROBOT can be used to monitor log files.
For example:
How easy is it to setup log checks / log monitoring for log files?
The LOGROBOT tool is designed in such a way that allows it to handle, by itself, all the several little steps other tools would have had you do yourself, i.e. compilations, editing a bazillion files, searching for ReadMe text files, having to read those text files, troubleshooting issues, etc. This automated design eliminates the chances of a screw-up, and saves you from stressing over technical issues.
Some of my Logs do not have a date format. Can LOGROBOT monitor these types of log files? Yes! Just pass the "autonda" option to LOGROBOT, instead of autofig. As a matter of fact, you can try either one of those options to see which one you prefer. "autonda" is much faster. "autonda" provides more robust information about the log you're monitoring. "autofig" can be used to perform analysis on logs that have a consistent date & time format.
To get familiar with all the options available in LOGROBOT, at the command line, simply type: [root@nagios-master ]# ./logrobot auto (or you can type it with no arguments)
After Purchasing LOGROBOT will you assist me if I need any help? Absolutely! Support is free. It is highly unlikely you'll need help setting up LOGROBOT. The tool was deliberately designed and built to be simplistic in its setup. However, if you find that you require some type of assistance, please do not hesitate to Contact Us.
Can you help me with the installation of Nagios and/or Cacti on my UNIX System(s)? Absolutely! If you don't already have Nagios installed, but wish to have it, let us know. We have an automated utility in our arsenal that will install both applications for you, relieving you of the tedious responsibility of having to labor over complex configuration setups. Contact Us for more information.
How much is LOGROBOT? LOGROBOT is currently $99.95. See the table at the bottom of the page for other options.
Are the listed prices one-time payments, or are they monthly (reoccurring)? All plans listed at the bottom of this page are one-time payments.
Is there a Money Back Guarantee? Yes. There is a 90 Day Money Back Guarantee. If you're not satisfied for any reason with the LOGROBOT tool, by all means, please let us know. We have never had to issue a refund, but we will if asked. We stand proudly by our product and the time-saving, labor-eliminating, alert reliability services it delivers.
Is LOGROBOT sold on a per server basis? At the moment, No. This means, for the price listed for each plan at the bottom of this page, you will be able to monitor an unlimited number of log files on as many UNIX hosts as you need.
I want to be able to monitor the log files on ALL my UNIX servers
Things you need to do for that to happen: Place LOGROBOT on ALL your UNIX servers. Installation is very simple:
Basically, here's all you have to do on each of your UNIX hosts:
Explanation of the parameters:
5666 10.20.30.40 Client
To install LOGROBOT on the MASTER server, just run this:
Change the port number and/or IP address to match your environment.
Installation Completed!
I want to be able to also VIEW log files on all my hosts from ONE Web Interface LOGROBOT comes with a PHP Web Interface that enables you to specify which host a log file is on, what TCP port you wish to connect to on that host, and where the log file is located on the host. The benefit of this feature is so that you DON'T have to manually log in to any server in order to view the contents of the log files on that server. This feature basically eliminates the tedious task of having to type passwords repetitively to gain access to several servers. It eliminates the need to generate tokens or to tamper with ssh config files. None of that is necessary. If you want to view a particular log file on host x, simply bring up the PHP Web Interface, type in the host name, the location of the log file, what port to connect to, then hit submit!
Can I monitor for multiple strings in a log file instead of searching for them separately?
Yes! If you want to monitor your logs for multiple strings, you can run LOGROBOT this way:
Monitor log for strings "Error" and "Panic" and "Exception" and "Kernel"
In other words, NO, you do not have to run several instances of LOGROBOT for different strings. LOGROBOT can monitor them all in one go!
After downloading LOGROBOT, can I submit requests to add custom / personalized features? Yes. We usually complete custom requests within 24 to 72 hours of submission. If your request isn't of an urgent nature, please state so in your email. NON-Urgent email requests will be completed within 5 business days. Contact us for more information.
LogRobot
Unlimited UNIX Hosts / Servers - Monitor Unlimited Log files on each host!
$99.95 (one time payment) - Instant Download!
The Automated Download of LOGROBOT will begin within 10 seconds of payment completion.