Module: check_mk
Branch: master
Commit: daee293903ea70fad8cc12ea40ed990c5d925722
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=daee293903ea70…
Author: Simon Betz <si(a)mathias-kettner.de>
Date: Mon Jan 9 10:09:40 2017 +0100
4257 logwatch.groups: now allows regular expressions within include and exclude patterns
each beginning with a tilde
Change-Id: I69dad1ec78a16071218a52fdb4f7b5b221b10ea5
---
.werks/4257 | 9 ++++++
ChangeLog | 1 +
checks/logwatch | 53 ++++++++++++++++++++++++++++++++++--
web/plugins/wato/check_parameters.py | 3 ++
4 files changed, 64 insertions(+), 2 deletions(-)
diff --git a/.werks/4257 b/.werks/4257
new file mode 100644
index 0000000..84ad0d3
--- /dev/null
+++ b/.werks/4257
@@ -0,0 +1,9 @@
+Title: logwatch.groups: now allows regular expressions within include and exclude
patterns each beginning with a tilde
+Level: 1
+Component: checks
+Compatible: compat
+Version: 1.4.0i4
+Date: 1483952918
+Class: feature
+
+
diff --git a/ChangeLog b/ChangeLog
index 3340f70..7890527 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -9,6 +9,7 @@
* 4007 Windows Agent: Reduced number of needless WMI Queries when Skype performance
counters are missing...
* 4210 jolokia_generic, jolokia_generic.rate, jolokia_generic.string: New checks to
monitor custom MBeans
* 4175 didactum_sensors_analog.humidity: new check which monitors the humidity of
Didactum devices supporting the DIDACTUM-SYSTEM-MIB
+ * 4257 logwatch.groups: now allows regular expressions within include and exclude
patterns each beginning with a tilde
* 4171 FIX: perle_psmu: fixed value error...
* 4172 FIX: smart.temp: fixed discovery and check function...
* 4173 FIX: if.include: ignore some more keys in 'Network interfaces and switch
ports' rule which are only used for interface grouping
diff --git a/checks/logwatch b/checks/logwatch
index 7509a46..36cf164 100644
--- a/checks/logwatch
+++ b/checks/logwatch
@@ -37,6 +37,7 @@ logwatch_groups = []
# Variables embedded in precompiled checks
check_config_variables += [ "logwatch_dir", "logwatch_max_filesize",
"logwatch_service_output" ]
+
# .--General-------------------------------------------------------------.
# | ____ _ |
# | / ___| ___ _ __ ___ _ __ __ _| | |
@@ -48,6 +49,7 @@ check_config_variables += [ "logwatch_dir",
"logwatch_max_filesize", "logwatch_s
# | General functions, for normal and forwarding logwatch check |
# '----------------------------------------------------------------------'
+
def logwatch_ec_forwarding_enabled(params, item):
if 'restrict_logfiles' not in params:
return True # matches all logs on this host
@@ -59,6 +61,7 @@ def logwatch_ec_forwarding_enabled(params, item):
return False
+
# Splits the number of existing logfiles into
# forwarded (to ec) and not forwarded. Returns a
# pair of forwarded and not forwarded logs.
@@ -140,6 +143,7 @@ def logwatch_state(state):
else:
return "OK"
+
def logwatch_level_name(level):
if level == 'O': return 'OK'
elif level == 'W': return 'WARN'
@@ -147,6 +151,7 @@ def logwatch_level_name(level):
elif level == 'C': return 'CRIT'
else: return 'IGN'
+
def logwatch_level_worst(worst, level):
if level == 'O': return max(worst, 0)
elif level == 'W': return max(worst, 1)
@@ -154,6 +159,7 @@ def logwatch_level_worst(worst, level):
elif level == 'C': return max(worst, 2)
else: return worst
+
# Extracts patterns that are relevant for the current host and item.
# Constructs simple list of pairs: [ ('W', 'crash.exe'), ('C',
'sshd.*test') ]
def logwatch_precompile(hostname, item, _unused):
@@ -229,6 +235,7 @@ def logwatch_reclassify(counts, patterns, text, old_level):
return new_level
+
def logwatch_parse_line(line):
parts = line.split(None, 1)
level = parts[0]
@@ -238,6 +245,7 @@ def logwatch_parse_line(line):
text = ""
return level, text
+
#.
# .--Logwatch------------------------------------------------------------.
# | _ _ _ |
@@ -250,6 +258,7 @@ def logwatch_parse_line(line):
# | Normal logwatch check |
# '----------------------------------------------------------------------'
+
# In case of a precompiled check, params contains the precompiled
# logwatch_patterns for the logfile we deal with. If using check_mk
# without precompiled checks, the params must be None an will be
@@ -303,8 +312,10 @@ check_info['logwatch'] = {
'group' : 'logwatch',
}
+
precompile_params['logwatch'] = logwatch_precompile
+
# .--lw.groups-----------------------------------------------------------.
# | _ |
# | | |_ ____ _ _ __ ___ _ _ _ __ ___ |
@@ -316,23 +327,49 @@ precompile_params['logwatch'] = logwatch_precompile
# | |
# '----------------------------------------------------------------------'
+
def logwatch_group_precompile(hostname, item, _unused):
return logwatch_precompile(hostname, item, None), host_extra_conf(hostname,
logwatch_groups)
+
def logwatch_groups_of_logfile(filename, params=False):
groups = []
if not params:
params = host_extra_conf(g_hostname, logwatch_groups)
else:
params = params[1]
+
for line in params:
for group_name, pattern in line:
inclusion, exclusion = pattern
- if fnmatch.fnmatch(filename, inclusion) \
- and not fnmatch.fnmatch(filename, exclusion):
+
+ inclusion_is_regex = False
+ exclusion_is_regex = False
+ if inclusion.startswith("~"):
+ inclusion_is_regex = True
+ inclusion = inclusion[1:]
+ if exclusion.startswith("~"):
+ exclusion_is_regex = True
+ exclusion = exclusion[1:]
+
+ if inclusion_is_regex:
+ reg = regex(inclusion)
+ incl_match = reg.match( filename )
+ else:
+ incl_match = fnmatch.fnmatch( filename, inclusion )
+
+ if exclusion_is_regex:
+ reg = regex(exclusion)
+ excl_match = reg.match( filename )
+ else:
+ excl_match = fnmatch.fnmatch( filename, exclusion )
+
+ if incl_match and not excl_match:
groups.append(group_name)
+
return groups
+
def inventory_logwatch_groups(info):
forwarded_logs, not_forwarded_logs = logwatch_select_forwarded(info)
added_groups = []
@@ -345,6 +382,7 @@ def inventory_logwatch_groups(info):
inventory.append((group, None))
return inventory
+
def check_logwatch_groups(item, params, info):
if len(info) == 1:
line = " ".join(info[0][1:])
@@ -377,7 +415,11 @@ check_info['logwatch.groups'] = {
'node_info' : True,
'group' : 'logwatch',
}
+
+
precompile_params['logwatch.groups'] = logwatch_group_precompile
+
+
#.
@@ -609,6 +651,7 @@ def check_logwatch_generic(item, params, loglines, found,
groups=False):
# | Forwarding logwatch messages to event console |
# '----------------------------------------------------------------------'
+
# OK -> priority 5 (notice)
# WARN -> priority 4 (warning)
# CRIT -> priority 2 (crit)
@@ -626,6 +669,7 @@ def logwatch_to_prio(level):
else:
return 4
+
def inventory_logwatch_ec(info, one_svc_per_log):
forwarded_logs, not_forwarded_logs = logwatch_select_forwarded(info)
@@ -655,6 +699,7 @@ def inventory_logwatch_ec(info, one_svc_per_log):
else:
yield None, { "expected_logfiles": forwarded_logs }
+
def check_logwatch_ec(item, params, info):
if len(info) == 1:
line = " ".join(info[0][1:])
@@ -843,6 +888,7 @@ def check_logwatch_ec(item, params, info):
return (2, 'Unable to forward messages to event console (%s). Lost %d
messages.' %
(e, num_messages))
+
def logwatch_ec_precompile(hostname, item, params):
params = params.copy()
@@ -895,9 +941,11 @@ def logwatch_ec_precompile(hostname, item, params):
return params
+
precompile_params['logwatch.ec'] = logwatch_ec_precompile
precompile_params['logwatch.ec_single'] = logwatch_ec_precompile
+
check_info['logwatch.ec'] = {
'check_function' : check_logwatch_ec,
'inventory_function' : lambda info: inventory_logwatch_ec(info, False),
@@ -907,6 +955,7 @@ check_info['logwatch.ec'] = {
'has_perfdata' : True,
}
+
check_info['logwatch.ec_single'] = {
'check_function' : check_logwatch_ec,
'inventory_function' : lambda info: inventory_logwatch_ec(info, True),
diff --git a/web/plugins/wato/check_parameters.py b/web/plugins/wato/check_parameters.py
index 68e13ba..5138466 100644
--- a/web/plugins/wato/check_parameters.py
+++ b/web/plugins/wato/check_parameters.py
@@ -12381,6 +12381,9 @@ register_rule(group + '/' + subgroup_applications,
title = _('Logfile Grouping Patterns'),
help = _('The check <tt>logwatch</tt> normally creates one
service for each logfile. '
'By defining grouping patterns you can switch to the check
<tt>logwatch.groups</tt>. '
+ 'If the pattern begins with a tilde then this pattern is
interpreted as a regular '
+ 'expression instead of as a filename globbing pattern and
<tt>*</tt> and <tt>?</tt> '
+ 'are treated differently. '
'That check monitors a list of logfiles at once. This is useful if
you have '
'e.g. a folder with rotated logfiles where the name of the current
logfile'
'also changes with each rotation'),