To Pull Historical report from nagios Log

[anish]

I would like to get the historical data from Nagios log for example I need to get the 3 months log data for a particular servers in a PDF format or excel format through Nagios Log Console .
Please let me know the steps to pull the data from the Nagios Log Server Console .

[mcapra]

Nothing like that currently exists in Nagios Log Server, though it is a planned feature.

This application on the exchange can export Nagios Log Server query results in plain-text, csv, and json formats though:
https://exchange.nagios.org/directory/U ... rt/details

[anish]

When trying to access the link https://exchange.nagios.org/directory/U ... rt/details
I am getting the below message

"The page you are trying to access does not exist.
Please select a page from the Main Menu"

[mcapra]

Are you clicking the link, or copy+pasting it?

Here's the full URL:

Code: Select all

https://exchange.nagios.org/directory/Utilities/Nagios-Log-Server-Export/details

[anish]

Hi I have imported the nagios-nlsexport to my nagios log server
And did run the command
"java -jar nlsexport.jar -host=localhost -date_start=2017.04.01 -date_end=2017.04.03 -output_path=/home/nagios/export_nls -types=syslog"

But I am getting an error as
Please use a trailing slash on your path! (/path/to/out/, C:\path\to\out\)
[root@SESKLNGLSIDV01 nagios-nlsexport-master]#


Please help me how to export the data from nagios Log server


login as: root
root@sesklnglsidv01's password:
Last login: Mon Apr 3 11:52:30 2017 from 172.18.215.115

[root@SESKLNGLSIDV01 ~]# ls -l
total 2488
drwxr-xr-x 7 root root 4096 Apr 3 11:17 nagios-nlsexport-master
-rw-r--r-- 1 root root 2537617 Jan 31 04:49 nagios-nlsexport-master.zip
drwxr-xr-x. 2 root root 4096 Oct 2 2014 scripts
[root@SESKLNGLSIDV01 ~]# cd nagios-nlsexport-master
[root@SESKLNGLSIDV01 nagios-nlsexport-master]# java -jar nlsexport.jar -host=localhost -date_start=2017.04.01 -date_end=2017.04.03 -output_path=/home/nagios/exp ort_nls -types=syslog
Please use a trailing slash on your path! (/path/to/out/, C:\path\to\out\)
[root@SESKLNGLSIDV01 nagios-nlsexport-master]# ^C
[root@SESKLNGLSIDV01 nagios-nlsexport-master]#

[mcapra]

Per the output of that application, please add a trailing slash to your -output_path argument like so:

Code: Select all

java -jar nlsexport.jar -host=localhost -date_start=2017.04.01 -date_end=2017.04.03 -output_path=/home/nagios/export_nls/ -types=syslog

[anish]

Thanks for the Command ,

I am able to pull the report with the help of below query
"java -jar nlsexport.jar -host=localhost -date_start=2017.04.01 -date_end=2017.04.03 -output_path=/home/nagios/export_nls/ -types=syslog"

Is there a way where in I can add the particular time for example on date_start=2017.04.01 from 10.00 am to 1.00 pm with the help of query ?

[cdienger]

The export tool only looks at the date, but you could pull time ranges from the output using grep. For example, on my test machine I pulled the data from 10am to 1pm of May 1st with:

Code: Select all

grep 2017-05-01T1[0-3]:..:..\....Z logstash-2017.05.01_syslog.json

[anish]

Thanks for the reply . I am actually trying to pull the report in JSON format using the Curl Query which i copied from the nagios Log dashboard inspect icon . Can you please explain me how the time stamp is generated . If I want to change the time stamp or add any particular time in the query what is the format that i have to follow to enter the time stamp.

curl -XGET 'http://sesklnglsidv01/nagioslogserver/a ... 3a079e44a6' -d '{
"query": {
"filtered": {
"query": {
"bool": {
"should": [
{
"query_string": {
"query": "*"
}
}
]
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"from": 1494856197094,
"to": 1494942597094
}
}
}
]
}
}
}
},
"highlight": {
"fields": {
"*": {}
},
"fragment_size": 2147483647,
"pre_tags": [
"@start-highlight@"
],
"post_tags": [
"@end-highlight@"
]
},
"size": 250,
"sort": [
{
"@timestamp": {
"order": "desc",
"ignore_unmapped": true
}
},
{
"@timestamp": {
"order": "desc",
"ignore_unmapped": true
}
}
]
}'

[cdienger]

The timestamp is the time of the logged event and the format is Unix epoch time in milliseconds. You can use a site like https://currentmillis.com/ to convert the format to something more readable and vise versa.