Hi, i'm trying build a check for a special windows event using NSClient++ and check_nrpe. The problem is that icinga2 seems to quote every argument and the check_eventlog plugin doesn't like it.
Versions: [r...@pmon01.lan.hbd icinga2]# yum info icinga2 Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile Installed Packages Name : icinga2 Arch : x86_64 Version : 2.3.5 Release : 1.el6 Size : 18 k Repo : installed From repo : icinga-stable-release Summary : Network monitoring application URL : https://www.icinga.org/ License : GPL-2.0+ Description : Meta package for Icinga 2 Core, DB IDO and Web. [r...@pmon01.lan.hbd icinga2]# /usr/lib64/nagios/plugins/check_nrpe --help NRPE Plugin for Nagios Copyright (c) 1999-2008 Ethan Galstad (nag...@nagios.org) Version: 2.15 Last Modified: 09-06-2013 [r...@pmon01.lan.hbd icinga2]# /usr/lib64/nagios/plugins/check_nrpe -H '10.100.0.135' -t 20 I (0,4,1,102 2013-07-15) seem to be doing fine... Config: template Service "sys_windows_event_source_schannel_eventid_36887" { import "generic-service" check_command = "check_nrpe_with_args" vars.ARG1 = "check_eventlog" vars.ARG2 = "file=Application MaxWarn=0 MaxCrit=0 filter='id=36887' 'scan-range=-7d' unique 'syntax=ID: %id%, Source: %source%, File: %file%'" } Testings: above config results in the following debug log: [2015-07-21 12:57:28 +0200] notice/Process: PID 13518 ('sh' '-c' '/usr/lib64/nagios/plugins/check_nrpe -H '10.100.0.124' -t 20 -c 'check_eventlog' -a 'file=Application MaxWarn=0 MaxCrit=0 filter='\''id=36887'\'' '\''scan-range=-7d'\'' unique '\''syntax=ID: %id%, Source: %source%, File: %file%'\'''') terminated with exit code 3 using the command from the above debug log: [r...@pmon01.lan.hbd icinga2]# /usr/lib64/nagios/plugins/check_nrpe -H '10.100.0.135' -t 20 -c 'check_eventlog' -a 'file=Application MaxWarn=0 MaxCrit=0 filter='\''id=36887'\'' '\''scan-range=-7d'\'' unique '\''syntax=ID: %id%, Source: %source%, File: %file%'\''' Exception processing request: Request command contained illegal metachars! removing the quotes everything is fine: [r...@pmon01.lan.hbd icinga2]# /usr/lib64/nagios/plugins/check_nrpe -H '10.100.0.135' -t 20 -c 'check_eventlog' -a file=Application MaxWarn=0 MaxCrit=0 filter=id=36887 scan-range=-7d unique 'syntax=ID: %id%, Source: %source%, File: %file%' eventlog: 0 > critical|'eventlog'=0;0;0 Does anybody have suggestions? I already tried to configure the arguments as an array. But without success. It seems the only working thing is to remove the quotes after the -a and at the end of the command completely. But i found no way to configure this. Regards, Peter [http://www.herold.at/images/hbdat_logo.gif]<http://www.herold.at> HEROLD Business Data GmbH Guntramsdorfer Straße 105 A-2340 Mödling FN 233171z Landesgericht Wiener Neustadt [http://www.herold.at/fileadmin/gptw2-email.gif]<http://www.greatplacetowork.at> Besuchen Sie uns online und mobil auf www.herold.at<http://www.herold.at>! Weitere Informationen zu unseren Produkten finden Sie unter: http://www.herold.at/kundengewinnen/ oder auf YouTube: https://www.youtube.com/user/HEROLDChannel [http://www.herold.at/images/fb_icon_mail.gif]<http://www.facebook.at/derherold>Werden Sie Fan von HEROLD auf Facebook<http://www.facebook.at/derherold>! Bleiben Sie top informiert mit den HEROLD Blogs: http://www.herold.at/blog/ http://www.herold.at/blog/heroldforbusiness/ Bitte beachten Sie auch: http://www.website-design.at http://www.arztsuche24.at http://www.bauwohnwelt.at http://www.immoversum.com http://www.tupalo.com http://www.urlauburlaub.at Diese E-Mail kann vertrauliche und/oder rechtlich geschützte Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail sind nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. _______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
