Hi Team,
We have used Logstash to parse syslog and used Elasticsearch as output. We need to integrate it with Nagios XI: when a particular event is seen in the log, Nagios XI must be alerted. Could you please help with this? Let us know if any more details are required.
To parse syslog and used elasticsearch as output
gselvakumar
Thanks & Regards,
Gomathyshankar Selvakumar
Re: To parse syslog and used elasticsearch as output
Our product (Nagios Log Server) is written on top of the ELK stack, and has this feature built in. However, it won't work with an independent ELK stack.
You would need to write your own plugin to do this.
Former Nagios Employee
Re: To parse syslog and used elasticsearch as output
You could leverage NRPE to do something like this by querying the Elasticsearch API probably. Definitely not something we have documentation for though.
The check_nagioslogserver.php plugin that comes stock with XI is probably a good starting point (not a solution) for this. If I find free time, I might rewrite it as a plugin that can be leveraged by NRPE to hit the local Elasticsearch API rather than the NLS API.
Former Nagios employee
https://www.mcapra.com/
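An added example, not code from this thread or from any Nagios product, of the kind of check plugin suggested above: it asks Elasticsearch's `_count` API how many events matching a pattern arrived in the last few minutes and maps the result to Nagios exit codes. The node URL `http://localhost:9200`, the `logstash-*` index pattern, the `@timestamp` field, the option names, and the thresholds are assumptions to adjust for your setup.

```python
#!/usr/bin/env python3
import argparse
import json
import sys
import urllib.request

CODES = {"OK": 0, "WARNING": 1, "CRITICAL": 2, "UNKNOWN": 3}  # Nagios exit codes

def build_query(pattern, minutes):
    """Body for the _count API: pattern match limited to the last N minutes."""
    return {"query": {"bool": {"filter": [
        {"query_string": {"query": pattern}},
        {"range": {"@timestamp": {"gte": f"now-{int(minutes)}m"}}},
    ]}}}

def evaluate(count, warn, crit):
    """Map a hit count to (exit code, status line with perfdata)."""
    label = "CRITICAL" if count >= crit else "WARNING" if count >= warn else "OK"
    return CODES[label], f"{label} - {count} matching events | events={count};{warn};{crit}"

def fetch_count(url, index, body, timeout=10):
    """POST the query to <url>/<index>/_count and return the 'count' field."""
    req = urllib.request.Request(
        f"{url}/{index}/_count", data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"}, method="POST")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return int(json.load(resp)["count"])

def main(argv=None):
    p = argparse.ArgumentParser()
    p.add_argument("--url", default="http://localhost:9200")  # assumed local node
    p.add_argument("--index", default="logstash-*")  # assumed Logstash index pattern
    p.add_argument("--pattern", required=True)  # e.g. 'message:"Failed password"'
    p.add_argument("--minutes", type=int, default=5)
    p.add_argument("--warn", type=int, default=1)
    p.add_argument("--crit", type=int, default=5)
    a = p.parse_args(argv)
    try:
        count = fetch_count(a.url, a.index, build_query(a.pattern, a.minutes))
    except Exception as exc:  # unreachable node, bad URL, auth failure, bad JSON
        print(f"UNKNOWN - Elasticsearch query failed: {exc}")
        return CODES["UNKNOWN"]
    code, line = evaluate(count, a.warn, a.crit)
    print(line)
    return code

if __name__ == "__main__":
    sys.exit(main())
```

Run through NRPE on the Elasticsearch host, the exit code and the first line of output are what Nagios XI consumes; a failed query returns UNKNOWN rather than OK, so an unreachable node is not mistaken for a quiet log.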