Please clarify...

[SteveBeauchemin]

I am investigating Log Server for my company. We need to replace some other tool that scrapes logs using a local agent. The current agent has been in use for a long time. Now we are being told that we need to move to a new tool. Anyway, that is my motivation. I need to know if I should look to Log Server to solve this.

Can the Nagios Log server send an alert to the individual host in the Nagios GUI that has an issue. For example, if an MS Event Log item fires 400 times in a 30 minute period, can I get an alert in the Nagios XI GUI that shows up as a Service alert on the host that has the issue.

Or do the alerts only show up in Nagios XI in a generic way where you have to read the data and figure out which host has the problem.

I need some clarification because everything I am reading on line about this is not conclusive.

Thanks

Steve B

[rkennedy]

There are multiple ways that queries / alerts can be setup. I'll try to paint a picture to explain a bit further -

1. Query setup in NLS, AND alert setup in NLS - Independent, no relationship to XI, but still alerting.
2. Query setup in NLS, AND NO alert setup in NLS - This is where the query is defined (for example, the criteria for what matches where the MS Event Log.) Then, you can setup a check based on that query in XI. This would give you the display of an actual service check you're looking for I believe.

I believe #2 is the route you'd be looking for. I've attached a screenshot of the NLS wizard from XI for your reference as well.

xi-nls-wizard-query.PNG