Nagios Support Forum

I don't have "Command Subsystem" on the "Administration" (/nagioslogserver/index.php/admin) page.

All Files Combined: # # Logstash Configuration File # Dynamically created by Nagios Log Server # # DO NOT EDIT THIS FILE. IT WILL BE OVERWRITTEN. # # Created Thu, 07 Apr 2016 15:54:56 +0100 # # # Global Configuration # # # Local Configuration # [ec2-user@log logstash]$ sudo bin/logstash -V logstash ...

I tried to run the binary to see more output. [ec2-user@log logstash]$ sudo bin/logstash --verbose -f etc/conf.d After a minute I get: Pipeline started {:level=>:info} After another minute I get: New Elasticsearch output {:cluster=>"", :host=>"localhost", :port=>"9200",...

Here is the full output with comments and empty lines included. [ec2-user@log ~]$ ls -l /usr/local/nagioslogserver/logstash/etc/conf.d total 12 -rw-rw-r-- 1 apache apache 218 Apr 6 16:18 000_inputs.conf -rw-rw-r-- 1 apache apache 220 Apr 6 16:18 500_filters.conf -rw-rw-r-- 1 apache apache 493 Apr 6 ...

$ cat /usr/local/nagioslogserver/logstash/etc/conf.d/* | grep -v '^$\|^\s*\#' output { elasticsearch { cluster => '' host => 'localhost' index_type => '%{type}' node_name => '1e28f93a-63b7-42c1-bca3-d23fcb6eef44' protocol => 'http' workers => 4 } } $ cat /etc/sysconfig/logstash | grep -v '^$\|^\s*\...

Thank you for the detailed reply. I was following instructions on " Configuring Input Filters " but I run into problems. When I got to the "Verify Configuration" stage it showed "OK!" but after the "Apply Configuration", I get the following in my console. sudo...

Hi,
I have a stream of log messages of type "Failed password for root from %IP% port %port_number% ssh2".
How can I get a list of values of %IP% which generated > 10 reports like this?
How can I set an alert which will trigger when a new %IP% will match the condition above?

The delayed logs have eventually stopped appearing in the Dashboard. It now works as expected. My guess is that changing the time zone settings didn't affect already existing logs which were registered as if they were from the future and it took time to catch up to those 'future' logs. I think the t...

I run it on EC2 m3.medium instance. My cpu load average <0.1.

In order to make things clearer, I'm trying to wipe all the logs from NLS. Is there an easy way to do this? I tried: curl -XDELETE "http://localhost:9200/nagioslogserver/" {"acknowledged":true} but this didn't seem to have the intended effect. Edit : This command has actually del...