Event Log monitoring for Nagios Core version 4.3.2

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
michaelpn
Posts: 54
Joined: Fri Jul 14, 2017 12:12 am

Event Log monitoring for Nagios Core version 4.3.2

Post by michaelpn »

Hi Nagios,

we use our Nagios core monitor version 4.3.2 for host and services a lot. Now we will monitor event log on our windows servers. Do you recommend any tools for this purpose. I have tried to look on different sites. But are there any sites specially for Monitoring Windows Event Logs With Nagios Core ? Could I use the NSClient++ ? they are anyway installed on our servers ? https://outsideit.net/real-time-eventlog-monitoring/
We use Ubuntu 14.04 LTS
Michael Pierre
Forenede Gruppeliv
2500 Valby
Copenhagen
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by mcapra »

The article written by @WillemDH located here is probably the best resource:
https://outsideit.net/real-time-eventlog-monitoring/

Other than that, Nagios Log Server is free up to 500mb/day. It is, in my opinion, a much better tool for this particular job. It's also much easier to set up for log collection/monitoring than the aforementioned NSCA/NSClient++ method.
Former Nagios employee
https://www.mcapra.com/
kyang

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by kyang »

Thanks @mcapra!

Nagios log server would be a great tool to use for collecting your event logs with ease. You could do the trial version of Nagios Log Server.

OVA download
https://www.nagios.com/downloads/nagios-log-server/

Source Install
https://assets.nagios.com/downloads/nag ... Server.pdf

Let us know if this helps.
michaelpn
Posts: 54
Joined: Fri Jul 14, 2017 12:12 am

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by michaelpn »

Hi,

but those versions are for CentOS or RHEL Linux machine. We use We use Ubuntu 14.04 LTS ?
Michael Pierre
Forenede Gruppeliv
2500 Valby
Copenhagen
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by mcapra »

If you don't feel like having a CentOS/RHEL machine in your infrastructure (Nagios Log Server doesn't support Ubuntu yet I believe), I can verify the setup in the article written by @WillemDH (linked in your OP) worked like a charm as of Nagios XI 5.4.2 and Nagios Core 4.3.2.
Former Nagios employee
https://www.mcapra.com/
kyang

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by kyang »

Thanks again @mcapra!

@michaelpn, we don't support Ubuntu for Nagios Log Server yet.
So a good option would be to sticking with the article you mentioned above.
michaelpn
Posts: 54
Joined: Fri Jul 14, 2017 12:12 am

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by michaelpn »

Hi,

regarding your below answers I have been told that using NSClient++ with NSCA is very unstable and difficult to set up. And further more you are saying that is the only tools for Ubuntu that does exist yet ? We are very satisfied with our Nagios Core 4.3.2 on our Ubuntu 14.04 LTS. If I will go further I have to upgrade to Nagios XI version which means I have to configure a new Server and then add the config files from my present Server and some other things which of course takes time :(.

What should I do in your opinion ?
Michael Pierre
Forenede Gruppeliv
2500 Valby
Copenhagen
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by scottwilkerson »

I think the best solution would be to look into Nagios Log Server, which can send data to Core or Nagios XI. But it does currently run on CentOS or RHEL and requires another server.

I also think you can use the NSClient++ with NSCA method just fine on your current setup. several years ago there were some NSCA issues with NSClient++ but I don't believe they are still present in current versions.
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
michaelpn
Posts: 54
Joined: Fri Jul 14, 2017 12:12 am

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by michaelpn »

Hi,

as written before we are running Nagios Core version 4.3.2 which we use for Host and Services and a sms Gateway for notification if some Hosts or Services are critical. Now we would like to go further with Nagios log Server. If we will have the best result from Nagios Log Server what would you recommend ? Earlier this conversation you wrote that Rhel or Centos are those two OS systems which you prefer.

Company Users 40
Virtual environment 60 servers

Qoustions;

1. Should we go for Nagios XI with Centos7 ?

2. Nagios XI Standard Edition and an Enterprise Edition ?

3. What instance should we buy from Nagios Log Server, Single, 2 instants or more ?

4. Is possible to use my present Config files from Nagios Core 4.3.2 ? migrated to a new Server with Centos7 and Nagios Xi ?
Michael Pierre
Forenede Gruppeliv
2500 Valby
Copenhagen
bheden
Product Development Manager
Posts: 179
Joined: Thu Feb 13, 2014 9:50 am
Location: Nagios Enterprises

Re: Event Log monitoring for Nagios Core version 4.3.2

Post by bheden »

RHEL and CentOS aren't just preferences of ours, they are the officially supported operating systems as of now. We are planning on expanding the operating systems we support in the very near future, but for now you need to stick with CentOS or RHEL. Alternatively, we have a prepackaged OVA available as a download on our product pages.

https://www.nagios.com/downloads/nagios ... er/vmware/

To answer your questions:

1. NagiosXI on CentOS 7 is a great install. Quick, easy, and no OS licensing!

2. Enterprise Edition unlocks additional features not present in Core or the Standard Edition, so we always highly recommend it. Some of those features include: Capacity Planning, Scheduled Reports and Pages, and a Bulk Modification Tool. You can see a better description here: https://www.nagios.com/products/nagios- ... omparison/

3. It really depends on how much replication and storage you need. At *LEAST* 2 instances is recommended always - having your data available is always a good thing :)

4. Yes, you can do an import from Core to XI. Here are the details: https://assets.nagios.com/downloads/nag ... p-Tool.pdf
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Nagios Enterprises
Senior Developer
Locked