Hi Team,
Im trying to configure windows event logs to ship events to Nagios Log Server. I'm using nxlog agent to do that. I wanted to ship the logs over HTTP/HTTPS to Nagios logserver. I found below sample config in nxlog reference manual. I have few questions regarding this.
1. What would be my URL in this case.
2. Is there a specific endpoint that needs to be used or configured if not on present Nagios Log Server..?
I know I can setup this using om_tcp or om_udp modules, but i want to use http in this case. When i checked API doc for Nagios Log Server i do not see such endpoint.
http://nxlog-ce.sourceforge.net/nxlog-d ... ml#om_http
https://support.nagios.com/kb/article/n ... mples.html
Example 6.59. Sending logs over HTTPS
<Input in>
Module im_file
File 'input.log'
ReadFromLast FALSE
</Input>
<Output out>
Module om_http
URL https://server:8080/
HTTPSCertFile %CERTDIR%/client-cert.pem
HTTPSCertKeyFile %CERTDIR%/client-key.pem
HTTPSCAFile %CERTDIR%/ca.pem
HTTPSAllowUntrusted FALSE
</Output>
<Route httpout>
Path in => out
</Route>
Nagios Log Server Http Endpoint to ship logs from nxlog
Re: Nagios Log Server Http Endpoint to ship logs from nxlog
First install the http input with:
This can take a long time. Be patient and it should eventually return you to a command prompt.
Then create a new input under Administartion > Global Configuration > Inputs, with the config:
Other options for the http input can be found at https://www.elastic.co/guide/en/logstas ... ugins.html
The url you would send traffic to would then be https://NLS_SERVER_IP:8080
Code: Select all
/usr/local/nagioslogserver/logstash/bin/plugin install logstash-input-http
Then create a new input under Administartion > Global Configuration > Inputs, with the config:
Code: Select all
http{
ssl => 'true' <-----this is optional and not needed if you want to stick with http
port => '8080' <-----8080 is default. Change if desired.
keystore => 'location_of_jks_keystore' <----only needed if using ssl
keystore_password => 'password' <-----only needed if using ssl
}
The url you would send traffic to would then be https://NLS_SERVER_IP:8080
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Nagios Log Server Http Endpoint to ship logs from nxlog
Thank you for the response. Ill try that .
Re: Nagios Log Server Http Endpoint to ship logs from nxlog
Sounds good! Keep us posted!
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.