Version 20 (modified by anonymous, 5 years ago) (diff)

--

## TracNav

• overview

• overview

• #### Scripting Languages?

• overview?

• #### Servers and protocols?

• overview?

• #### Utilities and tools?

• overview?

# CheckFile

A new command to check a bunch of files.

BETA

Simple draft and subject to change. This works similarily to CheckEventLog and uses filters to filter out (or in) a certain amount of files and then checks the count against a given number reporting an error if the count is not within bounds.

 Option Values Description file A filename, filter or path The files to check for instance c:\*.* will check the entire drive (bad idea) c:\foo\bar\my\file.txt will check only that file. filter in, out, any, all Specify the way you want to filter things. (Se section below) descriptions None Flag to specify if you want to include string representation of the file data (not implemented yet) truncate length of the returned set This will truncate the output after the specified length. As NRPE can only handle 1024 chars you need to truncate the output. MaxWarn number of records The maximum hits to allow before reporting a warning state. MaxCrit number of records The maximum hits to allow before reporting a critical state. MinWarn number of records The minimum hits to allow before reporting a warning state. MinCrit number of records The minimum hits to allow before reporting a critical state. filter-size size-expression The size a file should have. filter-creation time-expression Filter on a date (the time is specified from "now" not absolute. so filter-created=>2d will mean files created more then 2 days ago will match. filter-accessed time-expression Filter on a date (the time is specified from "now" not absolute.) filter-written time-expression Filter on a date (the time is specified from "now" not absolute.) syntax String A syntax string that describes how each matched file is shown the string can have the following keywords: %filename%, %creation%, %access%, %write%, %size%

## Filter

filter = (in, out, any, all) Specify the way you want to filter things.

 in means any thing matching this filter will be included in the result. out means any thing matching this filter will be excluded from the result. any means any of the filter rules has to match. all means all of the filter rules have to match.

Thus filter=all filter=in and filter=any filter=out is the combinations that makes the most sense depending on your filter concept.

## Examples

This command will check the date of a file (boot.ini) and alert if it's modified (written) date is greater than 3 days (3d).

 checkcommand.cfg -

command_line

$USER1$/check_nrpe -H $HOSTADDRESS$ -c CheckFile -a file="$ARG1$" filter-written=\>"$ARG2$" syntax="%filename% last updated %write%" MaxCrit=1

service.cfg -

check_command

nrpe_check_file_last_written!"C:
boot.ini"!3d