Search found 5024 matches
- Tue Aug 20, 2019 1:57 pm
- Forum: Nagios Log Server
- Topic: Elasticsearch tuning
- Replies: 22
- Views: 799
Re: Elasticsearch tuning
The primary machine is definitely taking the bulk of the data assuming the packet sizes are roughly equal across all machines. Just curious, what is the size of the files when you run "ll output.pcap"? What do the configurations (nxlog, syslog, etc.) look like on the clients that are sen...
- Tue Aug 20, 2019 9:47 am
- Forum: Nagios Log Server
- Topic: TLS 1.2 IIS Log Fields
- Replies: 7
- Views: 336
Re: TLS 1.2 IIS Log Fields
That seems to be what is happening here. Updating the config should allow it to match the fields in the logs and avoid the error that is getting repeated and taking up so much space.
- Mon Aug 19, 2019 4:59 pm
- Forum: Nagios XI
- Topic: Turning on ldap debug doesnt give desired output.
- Replies: 12
- Views: 1389
Re: Turning on ldap debug doesnt give desired output.
The component is outdated but looks good and tested just fine. Can you PM me a screenshot of its settings page?
- Mon Aug 19, 2019 4:29 pm
- Forum: Nagios Log Server
- Topic: Elasticsearch tuning
- Replies: 22
- Views: 799
Re: Elasticsearch tuning
To get an idea about how much data is coming in and where it's going, run the following on each NLS machine:
yum -y install tcpdump
tcpdump -s 0 -i any port 3515 or port 3333 or port 5544 -w output.pcap
Let them run for 30 seconds or so and use CTRL+C to stop the tcpdumps and compare the sizes of th...
- Mon Aug 19, 2019 3:48 pm
- Forum: Nagios Log Server
- Topic: TLS 1.2 IIS Log Fields
- Replies: 7
- Views: 336
Re: TLS 1.2 IIS Log Fields
I assume you're seeing similar messages in the nxlog.log on the Windows machine then? This log/behavior isn't directly associated with anything on the log server side of things - it is NXlog that defines expected field and field types in lines like: Fields $date, $time, $sitename, $computername, $s-...
- Mon Aug 19, 2019 3:39 pm
- Forum: Nagios XI
- Topic: SNMP Trap Overload
- Replies: 5
- Views: 141
Re: SNMP Trap Overload
Glad to help clarify things! SNMP and trap configuration usually takes a bit of time to figure out and you're definitely not the first (or last) to need direction.
- Mon Aug 19, 2019 3:30 pm
- Forum: Nagios XI
- Topic: BPI Process Unknown after 5.6.5 upgrade
- Replies: 17
- Views: 446
Re: BPI Process Unknown after 5.6.5 upgrade
Anywhere under the very first line ([PHP]) should be okay.
- Mon Aug 19, 2019 1:59 pm
- Forum: Nagios XI
- Topic: BPI Process Unknown after 5.6.5 upgrade
- Replies: 17
- Views: 446
Re: BPI Process Unknown after 5.6.5 upgrade
max_input_vars may not exist and you can add it if it isn't in there. Once that is done and the httpd service restarted, tail these logs:
tail -Fn0 /usr/local/nagiosxi/var/cmdsubsys.log /var/log/httpd/error_log /var/log/httpd/ssl_error_log /usr/local/nagiosxi/var/components/bpi.log
and run (on a diff...
- Mon Aug 19, 2019 1:43 pm
- Forum: Nagios XI
- Topic: SNMP Trap Overload
- Replies: 5
- Views: 141
Re: SNMP Trap Overload
You can use NXTI to set up MATCH clauses and don't have to do it by editing files. As ssax pointed out, you would create multiple trap definitions with many of the same settings except for the MATCH configuration to control which trap gets triggered. You'd also want to give the trap definitions differen...
- Fri Aug 16, 2019 10:09 am
- Forum: Nagios Log Server
- Topic: Log Server - Dynamic source file
- Replies: 2
- Views: 323
Re: Log Server - Dynamic source file
Using a wildcard in polling mode doesn't seem to be an issue on the systems I tested with (8.40.0 and 5.8.10), so there may be other factors in place here. That said, I don't see a way to switch to inotify using the legacy config methods and it looks like rainerscript configuration would need to be u...