Log parser



  • self custom python script
  • Add a short revision version e.g. v0.1
  • Tested with specific versions
  • Icinga 2 v2.8.x
  • Icinga Web 2 v2.5.x
  • English only


python script to parse the logs and alert for a given string as input with a given log file. The script is Configured and it is working fine in identifying critical and warning parsing for the strings in the log file but color code is not working with the alert. it shows the critical alert in green color and not turning to RED.


  • Icinga 2 v2.8.x
  • Icinga Web 2 v2.5.x


centos 7

And when you execute the script on CLI and type echo $? directly after the script, it says what?

when the /te.log last line is ts-have-problem it alerts critical and when the last line is TS-Complete then is saying ok

/usr/lib64/nagios/plugins/check_log.py --file=/home/ts/te.log --errorMsg=“ts-have-problem” --successMsg=“TS-Complete”

/usr/lib64/nagios/plugins//check_log.py --file=/home/ts/te.log --errorMsg=“ts-have-problem” --successMsg=“TS-Complete”

./check_log.py echo $
usage: check_log.py [-h] [–file FILE] [–errorMsg ERRORMSG]
[–successMsg SUCCESSMSG]
check_log.py: error: unrecognized arguments: echo $

As Marcus already have written, try your plugin first:

And run then immediately:

echo $?

The result have to be 2 but as you describe it will be 0. If so, your plugin script needs to be modified. For this example you need something like:


Please remember to always run your plugins with the same user as Icinga is running. e.g.

sudo -u icinga /usr/lib64/nagios/plugins/test_plugin

This way you not only make sure that Icinga is actually allowed to run the plugin when configured as a check, you avoid problems with temporary and log files, too.

Welcome to the wonderful world of Icinga, by the way.

1 Like

root@test: ~# /usr/lib64/nagios/plugins/mobi/check_log.py --file=/var/tmp/te.log --errorMsg=“ts-have-problem” --successMsg=“TS-Complete”
root@test: ~# echo $?

And there is the reason