Nagios Auditing

 
# 1  
Old 03-20-2012
Nagios Auditing

Hi Folks,

I have Nagios 3.0.6, which is monitoring 400+ servers in my environment and is administered by multiple administrators. I want to get notified if somebody enables or disables any notification of any of the hosts/services from the GUI. Is it possible to configure?
If so, how?

Nagios::StatusLog(3pm)					User Contributed Perl Documentation				    Nagios::StatusLog(3pm)

NAME
    Nagios::StatusLog, Nagios::(Service|Host|Program)::Status - Perl objects to represent the Nagios status file

DESCRIPTION
    Reads the Nagios status log and returns ::Status objects that can be used to get status information about a host. For Nagios version 2.x logs, pass in the Version => 2.0 parameter to new(). And similarly, pass in the Version => 3.0 parameter to new() for Nagios version 3.x logs.

        my $log = Nagios::StatusLog->new(
            Filename => "/var/opt/nagios/status.log",
            Version  => 1.0
        );
        my $localhost = $log->host( "localhost" );
        print "status of localhost is now ",$localhost->status(),"\n";
        $log->update();
        print "status of localhost is now ",$localhost->status(),"\n";

        # for Nagios v2.0
        my $log = Nagios::StatusLog->new(
            Filename => "/var/cache/nagios2/status.dat",
            Version  => 2.0
        );

        # for Nagios v3.0
        my $log = Nagios::StatusLog->new(
            Filename => "/var/cache/nagios3/status.dat",
            Version  => 3.0
        );

METHODS
    new()
        Create a new Nagios::StatusLog instance. The object will be initialized for you (using $self->update()).

            Nagios::StatusLog->new( "/var/opt/nagios/status.log" );

    update()
        Updates the internal data structures from the logfile.

            $log->update();

    service()
        Returns a Nagios::Service::Status object. Input arguments can be a host_name and description list, or a Nagios::Service object.

            my $svc_stat = $log->service( "localhost", "SSH" );
            my $svc_stat = $log->service( $localhost_ssh_svc_object );

        Nagios::Service::Status has the following accessor methods (For V1):

            host_name description status current_attempt state_type
            last_check next_check check_type checks_enabled
            accept_passive_service_checks event_handler_enabled
            last_state_change problem_has_been_acknowledged last_hard_state
            time_ok current_notification_number time_warning time_critical
            process_performance_data notifications_enabled latency
            scheduled_downtime_depth is_flapping plugin_output
            percent_state_change execution_time time_unknown
            failure_prediction_enabled last_notification obsess_over_service
            flap_detection_enabled

    list_services()
        Returns an array of all service descriptions in the status log. Services that may be listed on more than one host are only listed once here.

            my @all_services = $log->list_services;

    list_services_on_host()
        Returns an array of services descriptions for a given host.

            my @host_services = $log->list_services_on_host($hostname);
            my @host_services = $log->list_services_on_host($nagios_object);

    host()
        Returns a Nagios::Host::Status object. Input can be a simple host_name, a Nagios::Host object, or a Nagios::Service object.

            my $hst_stat = $log->host( 'localhost' );
            my $hst_stat = $log->host( $host_object );
            my $hst_stat = $log->host( $svc_object );

        Nagios::Host::Status has the following accessor methods (for V1):

            host_name status last_check last_state_change
            problem_has_been_acknowledged time_up time_down time_unreachable
            last_notification current_notification_number
            notifications_enabled event_handler_enabled checks_enabled
            flap_detection_enabled is_flapping percent_state_change
            scheduled_downtime_depth failure_prediction_enabled
            process_performance_data plugin_output

    list_hosts()
        Returns a simple array of host names (no objects).

            my @hosts = $log->list_hosts;

    info() [Nagios v2 & v3 logs only]
        Returns a Nagios::Info::Status object. It only has two methods, created() and version().

            my $i = $log->info;
            printf "Logfile created at %s unix epoch time for Nagios version %s\n",
                $i->created, $i->version;

    contact() [Nagios v3 logs only]
        Returns a Nagios::Contact::Status object. Input can be a simple contact_name, or a Nagios::Contact object.

            my $c = $log->contact( 'john' );
            my $c = $log->contact( $contact_object );

        Nagios::Contact::Status has the following accessor methods (for v3):

            contact_name modified_attributes modified_host_attributes
            modified_service_attributes host_notification_period
            service_notification_period last_host_notification
            last_service_notification host_notifications_enabled
            service_notifications_enabled

    hostcomment() [Nagios v3 logs only]
        Returns a Nagios::Hostcomment::Status object. Input can be a simple host_name, or a Nagios::Host or Nagios::Service object.

            my $c = $log->hostcomment( 'localhost' );
            my $c = $log->hostcomment( $localhost_object );
            my $c = $log->hostcomment( $localhost_service_object );
            foreach my $id (sort keys %$c) {
                printf "Host %s has a comment[$id] made by %s on %s: %s",
                    $c->{$id}->host_name, $c->{$id}->author,
                    scalar localtime $c->{$id}->entry_time,
                    $c->{$id}->comment_data;
            }

        Nagios::Hostcomment::Status is a perl HASH, keyed with the Nagios comment IDs, where each ID has the following accessor methods (for v3):

            host_name entry_type comment_id source persistent entry_time
            expires expire_time author comment_data

    servicecomment() [Nagios v3 logs only]
        Returns a Nagios::Servicecomment::Status object. Input can be a simple host_name or Nagios::Host object with a service description or Nagios::Service object, or just a Nagios::Service object by itself.

            my $c = $log->servicecomment( 'localhost', 'SSH' );
            my $c = $log->servicecomment( $localhost_object, $localhost_ssh_svc_object );
            my $c = $log->servicecomment( $localhost_ssh_svc_object );
            foreach my $id (sort keys %$c) {
                printf "Service %s on %s has a comment[$id] made by %s on %s: %s",
                    $c->{$id}->service_description, $c->{$id}->host_name,
                    $c->{$id}->author,
                    scalar localtime $c->{$id}->entry_time,
                    $c->{$id}->comment_data;
            }

        Nagios::Servicecomment::Status is a perl HASH, keyed with the Nagios comment IDs, where each ID has the following accessor methods (for v3):

            host_name service_description entry_type comment_id source
            persistent entry_time expires expire_time author comment_data

    hostdowntime() [Nagios v3 logs only]
        Returns a Nagios::Hostdowntime::Status object. Input can be a simple host_name, or a Nagios::Host or Nagios::Service object.

            my $d = $log->hostdowntime( 'localhost' );
            my $d = $log->hostdowntime( $localhost_object );
            my $d = $log->hostdowntime( $localhost_service_object );
            foreach my $id (sort keys %$d) {
                printf "Host %s has scheduled downtime[$id] made by %s on %s for %.1f hours [%s - %s]: %s",
                    $d->{$id}->host_name, $d->{$id}->author,
                    scalar localtime $d->{$id}->entry_time,
                    ($d->{$id}->duration)/3600.0,
                    scalar localtime $d->{$id}->start_time,
                    scalar localtime $d->{$id}->end_time,
                    $d->{$id}->comment;
            }

        Nagios::Hostdowntime::Status is a perl HASH, keyed with the Nagios downtime IDs, where each ID has the following accessor methods (for v3):

            host_name downtime_id entry_time start_time end_time
            triggered_by fixed duration author comment

    servicedowntime() [Nagios v3 logs only]
        Returns a Nagios::Servicedowntime::Status object. Input can be a simple host_name or Nagios::Host object with a service description or Nagios::Service object, or just a Nagios::Service object by itself.

            my $d = $log->servicedowntime( 'localhost', 'SSH' );
            my $d = $log->servicedowntime( $localhost_object, $localhost_ssh_svc_object );
            my $d = $log->servicedowntime( $localhost_ssh_svc_object );
            foreach my $id (sort keys %$d) {
                printf "Service %s on %s has scheduled downtime[$id] made by %s on %s for %.1f hours [%s - %s]: %s",
                    $d->{$id}->service_description, $d->{$id}->host_name,
                    $d->{$id}->author,
                    scalar localtime $d->{$id}->entry_time,
                    ($d->{$id}->duration)/3600.0,
                    scalar localtime $d->{$id}->start_time,
                    scalar localtime $d->{$id}->end_time,
                    $d->{$id}->comment;
            }

        Nagios::Servicedowntime::Status is a perl HASH, keyed with the Nagios downtime IDs, where each ID has the following accessor methods (for v3):

            host_name service_description downtime_id entry_time start_time
            end_time triggered_by fixed duration author comment

    program()
        Returns a Nagios::Program::Status object. No arguments.

            my $prog_st = $log->program;

        Nagios::Program::Status has the following accessor methods (For V1):

            program_start nagios_pid daemon_mode last_command_check
            last_log_rotation enable_notifications execute_service_checks
            accept_passive_service_checks enable_event_handlers
            obsess_over_services enable_flap_detection
            enable_failure_prediction process_performance_data

STRUCTURE
    This module contains 4 packages: Nagios::StatusLog, Nagios::Host::Status, Nagios::Service::Status, and Nagios::Program::Status. The latter 3 of them are mostly generated at compile-time in the BEGIN block. The accessor methods are real subroutines, not AUTOLOAD, so making a ton of calls to this module should be fairly quick. Also, update() is set up to only do what it says - updating from a fresh logfile should not invalidate your existing ::Status objects.

AUTHOR
    Al Tobey <tobeya@tobert.org>

SEE ALSO
    Nagios::Host Nagios::Service

perl v5.12.4                          2011-10-22                          Nagios::StatusLog(3pm)
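
An added example, not part of the module's documentation or of the thread: a script meant to be run periodically that uses the list_hosts(), host(), list_services_on_host() and service() calls documented above to report every host or service whose notifications_enabled flag changed since the previous run. Both file paths are assumptions, as is the availability of the notifications_enabled accessor for Version => 3.0 logs (the page lists it for V1); the script reports what changed, not which administrator changed it.

```perl
#!/usr/bin/perl
# Added example: report hosts/services whose notifications_enabled flag changed
# since the previous run. Not taken from the Nagios::StatusLog distribution.
use strict;
use warnings;
use Nagios::StatusLog;

my $status_file = '/var/cache/nagios3/status.dat';      # assumed location
my $state_file  = '/var/lib/nagios-audit/notif.state';  # hypothetical; writable only by this job's user

# Build { "host" or "host/service" => 0|1 } from the current status file.
sub snapshot {
    my ($log) = @_;
    my %flags;
    for my $host ($log->list_hosts) {
        $flags{$host} = $log->host($host)->notifications_enabled ? 1 : 0;
        for my $svc ($log->list_services_on_host($host)) {
            $flags{"$host/$svc"} =
                $log->service($host, $svc)->notifications_enabled ? 1 : 0;
        }
    }
    return \%flags;
}

# Load the previous snapshot ("flag<TAB>key" per line); empty on the first run.
sub load_state {
    my ($path) = @_;
    my %flags;
    open my $fh, '<', $path or return \%flags;
    while (my $line = <$fh>) {
        chomp $line;
        my ($flag, $key) = split /\t/, $line, 2;
        $flags{$key} = $flag if defined $key;
    }
    close $fh;
    return \%flags;
}

# Write the new snapshot to a temp file, then rename it into place.
sub save_state {
    my ($path, $flags) = @_;
    open my $fh, '>', "$path.tmp" or die "cannot write $path.tmp: $!";
    print {$fh} "$flags->{$_}\t$_\n" for sort keys %$flags;
    close $fh or die "close failed: $!";
    rename "$path.tmp", $path or die "rename failed: $!";
}

my $log = Nagios::StatusLog->new( Filename => $status_file, Version => 3.0 );
my ($old, $new) = ( load_state($state_file), snapshot($log) );
for my $key (sort keys %$new) {
    next unless exists $old->{$key} && $old->{$key} != $new->{$key};
    printf "%s: notifications %s\n", $key, $new->{$key} ? 'ENABLED' : 'DISABLED';
}
save_state($state_file, $new);
```

The script prints nothing when no flag has changed, so a scheduler that mails job output only sends a message when there is a change to review.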