Nagios Support Forum

Hi, I would like to remove hosts being logged. Specifically I would not like to log my Nagios Log Server or Nagios XI server anymore. I used to have auditd reporting to both so I disabled auditd. I tried to look in /etc/rsyslog.conf to stop the logs from being sent to Nagios LS, but I see nothing to...

Give this query a try: type:EXECVE This does not work. However, I have just been using "EXECVE" and that has been working for me. But why can I not query more than one word? For example, "this = myQuery" only results in the word "this" being highlighted... Thanks for y...

Hello, I have 10 servers sending their syslog and auditd information to a centralized Nagios Log Server. I'd like to find the documents that contain "type=EXECVE". However, if I do that (and there are PLENTY of documents with that string plastered all over, nothing shows up after performin...