Nagios Support Forum

NLS uses a daily index currently. I have multiple clients with individual PCI requirements. For each client has 3 env. Prod, Staging, and Dev. Is this type of filtering supported by NLS? filter { if [log_type] in [ "prod", "staging", "dev" ] { mutate { add_field => { &q...

Can we encrypt the indexes?

could I replace the logstash version?

currently installed with nls:
ubuntu@ip-10-247-0-158:/usr/local/nagioslogserver/logstash/bin$ ./logstash -V
logstash 2.4.1

The one I would like is:
logstash release 7.8(current)

I am after the newer tools like 'dissect'

Thanks

How does the quesrystring option 'either' work?

I am going to use a GROK statement to filter this into a feild and strip off the "#", a long with the other feilds in the logline.
Thanks

Good day,

I am trying to figure out to search for this string "#Success'

If I search for "#Success" I get all strings with 'success' missing the "#"

I tried regex /W+uccess \/W+uccess\

So I would like to query for the "#" and capital "S"


Thanks

Nagios LS confguration - This accepts events: tcp { type => 'syslog' tags => 'filebeat' port => 2070 } When the events come in, they are in the beats format which looks like this, which I think is filebeats format: message: 2F4PF\aM\xC3I#\f\x9A0\xD6B\xAFE\x95\xF8u\xBC\xBA\x8A\u0017\e\u001Co\x9A\xF4+...

chekcing

no PM in my INBOX.

Thanks

I PMed the files you asked for.

I am just checking in

Thanks

Looking at nagiosLS GUI:

I see some packets appearing in the GUI.

import_raw <133>Sep 13 10:55:52 server OCS_CALLED_TAG: # 2019/09/13 09:58:58


I dont see anything before and after the initial restart.

Thanks