Search found 3722 matches

by mcapra
Tue Aug 15, 2017 10:58 am
Forum: Nagios XI
Topic: winRM support
Replies: 10
Views: 334

Re: winRM support

NSClient++ or NCPA could be leveraged generally to execute scripts on a Windows system. You could write scripts to do your WinRM stuff, then configure it in NSClient++ or NCPA to be later called by Nagios XI. Nagios XI doesn't really "support" WinRM as a simple configuration wizard, but y...
by mcapra
Tue Aug 15, 2017 10:51 am
Forum: Nagios Log Server
Topic: Parsing XML in Message
Replies: 16
Views: 853

Re: Parsing XML in Message

You might also need to strip out the <?xml version="1.0" encoding="UTF-8"?> section from the message. logstash-filter-xml is a bit brittle from what I remember. The Logstash log may have some hints if it's encountering parsing errors, at any rate.
by mcapra
Tue Aug 15, 2017 10:46 am
Forum: Nagios XI
Topic: PhantomJS Question
Replies: 2
Views: 633

Re: PhantomJS Question

Excellent! Resolved.
by mcapra
Tue Aug 15, 2017 10:38 am
Forum: Nagios XI
Topic: PhantomJS Question
Replies: 2
Views: 633

PhantomJS Question

Is sym-linking the PhantomJS binary distributed with Nagios XI a good idea generally? Like so: ln -s /usr/local/nagiosxi/html/includes/components/highcharts/exporting-server/phantomjs /usr/bin/phantomjs That particular step is part of a write-up I'm doing. Doesn't really make sense to build PhantomJ...
by mcapra
Tue Aug 15, 2017 10:31 am
Forum: Open Source Nagios Projects
Topic: Nagios - Mod-Gearman - NSclient Encyption
Replies: 2
Views: 1184

Re: Nagios - Mod-Gearman - NSclient Encyption

Mod_Gearman uses Rijndael 256 by default I believe: https://github.com/sni/mod_gearman/blob/5aa995fe1619b6838b7dbd6360376f0f88f16c8e/include/gm_crypt.h#L36-L37 https://github.com/sni/mod_gearman/blob/5aa995fe1619b6838b7dbd6360376f0f88f16c8e/common/gm_crypt.c#L60 Unless the encryption directive in th...
by mcapra
Tue Aug 15, 2017 10:18 am
Forum: Nagios Log Server
Topic: Parsing XML in Message
Replies: 16
Views: 853

Re: Parsing XML in Message

Your xml step is outside the mcafee logic. This means the xml step is applied to all messages; no good. Make sure the xml step is included in your mcafee logic: if [type] == 'mcafee' { mutate { gsub => [ 'message', '^<.*]\s', '' ] } xml { source => 'message' } } I also modified the regex a bit to ma...
by mcapra
Tue Aug 15, 2017 8:55 am
Forum: Nagios XI
Topic: winRM support
Replies: 10
Views: 334

Re: winRM support

It's worth mentioning that winRM is using WMI for all it's measurements anyway. Might as well cut out the middleman and go with WMI directly unless there's substantial security concerns.

https://assets.nagios.com/downloads/nag ... ios-XI.pdf
by mcapra
Tue Aug 15, 2017 8:52 am
Forum: Nagios XI
Topic: nagios compability issue.
Replies: 7
Views: 208

Re: nagios compability issue.

You might also want to contact Trend Micro regarding this. I would expect that if the ds_agent is attempting to do in-depth process monitoring, it might have it's work cut out for it when attempting to monitor the entirety of Nagios XI. Do you have measurements of what, if any, processes are experie...
by mcapra
Tue Aug 15, 2017 8:49 am
Forum: Open Source Nagios Projects
Topic: Nagios Core HTTP concern
Replies: 2
Views: 1198

Re: Nagios Core HTTP concern

Is this the standard localhost http service check? If so, 403 is expected because the main Nagios page requires authentication. You could alter the service definition to include authentication (or expect a 403) as per the check_http documentation: https://nagios-plugins.org/doc/man/check_http.html -...
by mcapra
Tue Aug 15, 2017 8:36 am
Forum: Nagios Log Server
Topic: FortiOS 5.6 GrokParseFailure
Replies: 12
Views: 5077

Re: FortiOS 5.6 GrokParseFailure

Some thoughts: While syslog5424_pri and syslog_pri are picking up the PRI value neither value shows up in the NLS FortiOS syslog output. I don't know if I should call one of these values out via GROK or MUTATE and, if so, how. It's not enough to simply grok match the pri. You need to strip this valu...