Hi,
i'm new and i'd like to implement correlation. Where can i find the?
is it possible, for example, to correlate 10 hosts down with a router down?
thanks
correlation
Re: correlation
Nagios is not a correlation engine. It can do rudimentary parent/child relationships so that if a router is down, anything on the other side of the router will be considered unreachable, but you can't really do much more than that. If you need to go back in time and look at events for event correlation, security, or other analysis, you'll want to look at something like the Nagios Log Server which captures log data and makes it searchable and "reportable."
You could also use an ocsp/ochp command to send the results of every check to an actual SEIM or EC system. But the usage (or selection) of that system is up to you.
You could also use an ocsp/ochp command to send the results of every check to an actual SEIM or EC system. But the usage (or selection) of that system is up to you.
Re: correlation
Thanks for jumping in, Eric!
debergerac, does Eric's post make sense? Do you have any more questions we can help with?
debergerac, does Eric's post make sense? Do you have any more questions we can help with?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!