Every few days all our systems stop sending logs

[jmichaelson]

Yeah that seems like a big problem with Logstash, and even though Elasticsearch is the big memory user, it does make me wonder if Logstash isn't running out of memory to use somehow.

As for supporting Centos 7, what you read is correct going forward. Centos 7 itself is going end of life on June 30th. I'd definitely recommend upgrading the system.

If you have a separate file system mounted under /usr/local/nagioslogserver/elasticsearch/data, you *should* be able to mount it on the new system after you get it installed. If it isn't, make a copy of the entire file system to use as a reference point later.

As always, keep a backup copy of everything just in case, of course. You *may* have to reach out to your CSM to deal with license activation.

If you're unable to successfully mount the data directory, keep it anyway. We will be shipping a new version of Nagios Log Server using Opensearch instead of Elasticsearch 1.7.6, and with that will come a migration tool to migrate your data from your existing instance, which will require that instance to be running.

Let me know if you have any problems with re-mounting the data, as I'm becoming quite familiar with the intricacies of it at the moment.

[jmichaelson]

Incidentally, I've opened up an internal issue to automatically create an alert for host freshness, instead of leaving it blank. I can't promise that we'll ever do anything about it but its there.