Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
hello all
I am monitoring log file with zabbix-agent. for example when it reads from log "SELinux is preventing" it generates alarm by trigger. my questions is that if I set item's update on 1 sec, even in one second it is generating alarm on last match in the log file. I think agent is reading from the bottom of file. how can I generate alarm for each mach by timestamp? any ideas?
hello all
I am monitoring log file with zabbix-agent. for example when it reads from log "SELinux is preventing" it generates alarm by trigger. my questions is that if I set item's update on 1 sec, even in one second it is generating alarm on last match in the log file. I think agent is reading from the bottom of file. how can I generate alarm for each mach by timestamp? any ideas?
show us your zabbix_agentd.conf and the script you are using to monitor the log.
And a sanitized snippet of the monitored log please that includes the timestamp.
Do NOT use 1s to update, it's a recipe for failure.
ok thanks for you reply.I will show it later now I am not at place. zabbix-agend.conf contains usual settings server ip and hostname of monitored server. I just want to see alert from /var/log/maillog everytime it logs "Virus Detected" if it is logged 10 times logged zabbix gives alert for tenth not for each entry. I want alert for each entry. zabbis server is checking it every 10 minute but there may be 100 entries anyway I have to look logs for investigation but in case of monitoring system I need every entry.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.