
Event Log monitoring for Nagios Core version 4.3.2

Posted: Thu Oct 05, 2017 7:21 am
by michaelpn
Hi Nagios,

We use our Nagios Core monitor version 4.3.2 for hosts and services a lot. Now we want to monitor the event log on our Windows servers. Do you recommend any tools for this purpose? I have tried to look on different sites. But are there any sites specifically for monitoring Windows Event Logs with Nagios Core? Could I use NSClient++? It is installed on our servers anyway. https://outsideit.net/real-time-eventlog-monitoring/
We use Ubuntu 14.04 LTS

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Thu Oct 05, 2017 8:20 am
by mcapra
The article written by @WillemDH located here is probably the best resource:
https://outsideit.net/real-time-eventlog-monitoring/

Other than that, Nagios Log Server is free up to 500mb/day. It is, in my opinion, a much better tool for this particular job. It's also much easier to set up for log collection/monitoring than the aforementioned NSCA/NSClient++ method.

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Thu Oct 05, 2017 10:55 am
by kyang
Thanks @mcapra!

Nagios Log Server would be a great tool to use for collecting your event logs with ease. You could do the trial version of Nagios Log Server.

OVA download
https://www.nagios.com/downloads/nagios-log-server/

Source Install
https://assets.nagios.com/downloads/nag ... Server.pdf

Let us know if this helps.

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Fri Oct 06, 2017 8:00 am
by michaelpn
Hi,

But those versions are for CentOS or RHEL Linux machines. We use Ubuntu 14.04 LTS?

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Fri Oct 06, 2017 8:55 am
by mcapra
If you don't feel like having a CentOS/RHEL machine in your infrastructure (Nagios Log Server doesn't support Ubuntu yet I believe), I can verify the setup in the article written by @WillemDH (linked in your OP) worked like a charm as of Nagios XI 5.4.2 and Nagios Core 4.3.2.

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Fri Oct 06, 2017 10:20 am
by kyang
Thanks again @mcapra!

@michaelpn, we don't support Ubuntu for Nagios Log Server yet.
So a good option would be to stick with the article you mentioned above.

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Mon Oct 09, 2017 10:12 am
by michaelpn
Hi,

Regarding your answers below, I have been told that using NSClient++ with NSCA is very unstable and difficult to set up. And furthermore, you are saying that it is the only tool for Ubuntu that exists yet? We are very satisfied with our Nagios Core 4.3.2 on our Ubuntu 14.04 LTS. If I go further, I have to upgrade to the Nagios XI version, which means I have to configure a new server and then add the config files from my present server and some other things, which of course takes time :(.

What should I do in your opinion?

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Tue Oct 10, 2017 9:24 am
by scottwilkerson
I think the best solution would be to look into Nagios Log Server, which can send data to Core or Nagios XI. But it does currently run on CentOS or RHEL and requires another server.

I also think you can use the NSClient++ with NSCA method just fine on your current setup. Several years ago there were some NSCA issues with NSClient++ but I don't believe they are still present in current versions.

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Thu Oct 12, 2017 4:11 am
by michaelpn
Hi,

As written before, we are running Nagios Core version 4.3.2, which we use for hosts and services, and an SMS gateway for notification if some hosts or services are critical. Now we would like to go further with Nagios Log Server. If we want the best result from Nagios Log Server, what would you recommend? Earlier in this conversation you wrote that RHEL or CentOS are the two operating systems which you prefer.

Company users: 40
Virtual environment: 60 servers

Questions:

1. Should we go for Nagios XI with CentOS 7?

2. Nagios XI Standard Edition and an Enterprise Edition?

3. What instance should we buy from Nagios Log Server: single, 2 instances or more?

4. Is it possible to use my present config files from Nagios Core 4.3.2, migrated to a new server with CentOS 7 and Nagios XI?

Re: Event Log monitoring for Nagios Core version 4.3.2

Posted: Thu Oct 12, 2017 12:54 pm
by bheden
RHEL and CentOS aren't just preferences of ours, they are the officially supported operating systems as of now. We are planning on expanding the operating systems we support in the very near future, but for now you need to stick with CentOS or RHEL. Alternatively, we have a prepackaged OVA available as a download on our product pages.

https://www.nagios.com/downloads/nagios ... er/vmware/

To answer your questions:

1. Nagios XI on CentOS 7 is a great install. Quick, easy, and no OS licensing!

2. Enterprise Edition unlocks additional features not present in Core or the Standard Edition, so we always highly recommend it. Some of those features include: Capacity Planning, Scheduled Reports and Pages, and a Bulk Modification Tool. You can see a better description here: https://www.nagios.com/products/nagios- ... omparison/

3. It really depends on how much replication and storage you need. At *LEAST* 2 instances is recommended always - having your data available is always a good thing :)

4. Yes, you can do an import from Core to XI. Here are the details: https://assets.nagios.com/downloads/nag ... p-Tool.pdf