Nagios Support Forum

Just did some more testing. Seems like the log server is realtime with logs showing up but the hosts sending logs not so much. Its been >30 minutes and I still have not seen the messages that I put into the logs. I have used logstash / elasticsearch / kibana before and it was realtime and this defin...

Not sure what is going on but I added another host and I got 1 log msg from the new host and now nothing. Does it really take hours before I start seeing messages? The host that was not working seems to be ok but logging clients seem to take a long time and selective which msgs are indexed and new h...

Hmmm. Not sure what happened but I am starting to see log messages.

I think it may be a security group issue. Need to investigate some more.

On the client I ran this command: [ec2-user@ip-172-31-32-119 ~]$ logger foobar On the log server I seee this: [ec2-user@ip-172-31-2-181 ~]$ sudo tcpdump host 172.31.32.119 -A tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), ca...

Never hurts to triple check

[ec2-user@ip-172-31-2-181 ~]$ getenforce
Disabled

That came to my mind too but I have made sure SELinux is disable in /etc/sysconfig/selinux

I have checked the logstash log and the elasticsearch log and I am not seeing anything that sticks out.

I got the server setup this morning around 10 and the other host was up around 11 so >4 hrs.

What is wierd is that I have seen 8 entries come in. All of them from cron. I have restarted services to create logs and also used logger.

I am setting up a proof of concept for a client of ours within EC2. I followed the instructions (http://assets.nagios.com/downloads/nagios-log-server/docs/Using-Nagios-Log-Server-In-Amazon-EC2-Cloud.pdf) using the community AMI and I got the server up no problem. Its collecting logs for itself but I...