Re: Monitoring timestamp rotation files (UNCLASSIFIED) (Apache Users)

Hi Nick,

Thanks for your help.

I think for normal cases ..

If the most recent logs don't have timestamp (they only have timestamp after it got rotated).

logfile

logifile.2014.05.28

logifile.2014.05.27

Then I can just tell the monitoring tool to monitor logfile ..(without the timestamp)

Now the most recent logs file also have timestamp

logfile.2014.05.29

logifile.2014.05.28

logifile.2014.05.27

If I am telling the monitoring tool to monitor most recent log file logfile.2014.05.29

The next day the most recent one would be logfile.2014.05.30

I cannot just feed a file a name to the monitoring

Can you point me out some common practices what we can do? (think we are going to use Nagios)

Either

On Wed, May 28, 2014 at 1:20 PM, Folino, Nick E CTR USARMY HRC (US) <nick.e.folino.ctr@xxxxxxxx> wrote:

Classification: UNCLASSIFIED
Caveats: FOUO

Is this what you need?

CustomLog "|bin/rotatelogs /var/logs/logfile.%Y.%m.%d 86400" common

Nick

-----Original Message-----
From: eric tse [mailto:hfetse@xxxxxxxxx]
Sent: Wednesday, May 28, 2014 11:45 AM
To: users@xxxxxxxxxxxxxxxx
Subject: Monitoring timestamp rotation files

Hi,

I am using apache and configured logs with timestamp.
I am facing potential problem in adding these files through add monitor command.
I don't know which is effective way I can use to add log files. same time it should not read old files.

CustomLog "|bin/rotatelogs /var/logs/logfile 86400" common

for example
error_log.1388707200 (this is not even a time dadte, this is system time)

I read some article using a solution blunk http://answers.splunk.com/answers/23671/monitoring-timestamp-rotation-log-files

that we can just add the directory where our logs are stored ..

I think I am going to use Negios for monitoring.

I am not sure if someone can point me out the directions? (Open source solution would be preferable)

Many thanks,

Thanks and regards,
Eric

Classification: UNCLASSIFIED
Caveats: FOUO