In this recipe, you'll learn how to set up an event handler script for Nagios Core. Event handlers are commands that are run on every state change for a host or service (whether for all hosts or services or just particular ones). They are defined in a similar way to notification commands and check commands for plugins.
In this example, we'll implement a simple event handler that writes the date, the host state, and the number of check attempts to a separate file for a single host. This is a simple example to demonstrate the concept; a more practical and complex application for the use of event handlers is given in the Setting up a redundant monitoring host recipe in Chapter 10, Security and Performance.
You will need a server running a Nagios Core 4.0 or higher version. You should be familiar with defining new commands, as per the Creating a new command recipe in Chapter 2, Working with Commands and Plugins, and the Defining a custom notification method recipe in Chapter 4, Configuring Notifications.
We can set up a new event handler for the Nagios Core server as follows:
- Change to the objects configuration directory for Nagios Core. In the quick start guide installation, this directory is
/usr/local/nagios/etc/objects. Edit thecommands.cfgfile:# cd /usr/local/nagios/etc/objects # vi commands.cfg
- Add the following command definition:
define command { command_name record_host_data command_line /usr/bin/printf "%b" "$LONGDATETIME$: $HOSTSTATE$ (attempt $HOSTATTEMPT$) " >>/usr/local/nagios/var/states-$HOSTNAME$.log } - Edit the file containing the definition for an existing host; in this example,
delphi.example.net. Add theevent_handlerdirective with therecord_host_datavalue to your host definition:define host { use linux-server host_name delphi.example.net alias delphi address 192.0.2.26 event_handler record_host_data } - Validate the configuration and restart the Nagios Core server:
# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg # /etc/init.d/nagios restart
With this done, the next time the host changes state (whether a SOFT or HARD state, it should log information in the file /usr/local/nagios/var/states-delphi.example.net.log:
Wed Nov 25 16:44:46 NZDT 2015: DOWN (attempt 1) Wed Nov 25 16:44:46 NZDT 2015: DOWN (attempt 2) Wed Nov 25 16:44:46 NZDT 2015: DOWN (attempt 3) Wed Nov 25 16:44:46 NZDT 2015: UP (attempt 1)
The event_handler command that we defined is configured to use printf to write a line of text to a file named after the host. Its definition is built out of the following four macros:
$LONGDATETIME$: This refers to the date and time in a human-readable format$HOSTSTATE$: This refers to the state of the host (UP,DOWN, orUNREACHABLE)$HOSTATTEMPT$: This refers to the number of check attempts made so far for a host in a problem state$HOSTNAME$: This refers to the hostname itself (used to build the name of the file)
Note that this behavior is slightly different from notifications. Notification commands are only run to alert somebody about the problem when the number of max_check_attempts for a host or service have been exceeded. Event handlers are run on SOFT changes as well as HARD changes and hence can be used to keep more information about the host's performance that might be missed by routine notifications.
Service event handlers can be defined in just the same way, by adding the event_handler directive to their definitions:
define service {
use generic-service
host_name crete.example.net
service_description PING
check_command check_ping!100,10%!200,20%
event_handler record_service_data
}In this case, we would probably want to use the macros for service states instead:
define command {
command_name record_service_data
command_line /usr/bin/printf "%b" "$LONGDATETIME$: $SERVICESTATE$ (attempt $SERVICEATTEMPT$)
" >>/usr/local/nagios/var/states-$HOSTNAME$-$SERVICEDESC$.log
}As a shortcut, if there's an event handler we want to run on all hosts or all services, we can use the global_host_event_handler and global_service_event_handler directives in nagios.cfg:
global_host_event_handler=record_host_data global_service_event_handler=record_service_data
This will apply the appropriate event handlers to all hosts and services, and the handlers will therefore run whenever a host or service changes state.
A specialized case of using an event handler to record detailed performance data of plugins and checks is also possible using Nagios Core's Performance Data feature, as documented in the manual, which can be found at https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/4/en/perfdata.html.
Performance data is written on every check rather than every state change and is hence useful to assess the performance of plugins and checks. Performance data is used by the Nagiosgraph utility, as discussed in the Tracking host and service states with Nagiosgraph recipe in this chapter.