@tcsdi, Thank you. My other recommendation is to increase the Logstash heap size and open files limits. Please follow this article and let me know if this helps.
https://support.nagios.com/kb/article/n ... g-576.html
Nagios suddenly stopped sending logs
-
npolovenko
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Nagios suddenly stopped sending logs
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Nagios suddenly stopped sending logs
Hi @npolovenko,npolovenko wrote:@tcsdi, Thank you. My other recommendation is to increase the Logstash heap size and open files limits. Please follow this article and let me know if this helps.
https://support.nagios.com/kb/article/n ... g-576.html
We tried creating a new server, installed nagioslogserver and tried to restore the backup from the old one using this, https://assets.nagios.com/downloads/nag ... Server.pdf
You can check out the attachments for a screenshot of the old and new server.
1. Should I use the same hostname and IP address on the new server?
2. Also, do I need to have the same cluster ID and instance ID from the old one?
You do not have the required permissions to view the files attached to this post.
-
npolovenko
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Nagios suddenly stopped sending logs
@tcsdi, After you spin up a new log server instance you should import logs from the repo. Then you can change the hostname and IP address on the new LS to match the old one. That way all configured logs will keep coming to the same location. Don't forget to turn off the old LS before you do that to avoid any network conflicts. Cluster ID and Instance ID don't have to be the same.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Nagios suddenly stopped sending logs
Hi @npolovenko,npolovenko wrote:@tcsdi, After you spin up a new log server instance you should import logs from the repo. Then you can change the hostname and IP address on the new LS to match the old one. That way all configured logs will keep coming to the same location. Don't forget to turn off the old LS before you do that to avoid any network conflicts. Cluster ID and Instance ID don't have to be the same.
Nagios LS is now working, however I encountered some issues. I'm currently not receiving DNS logs and WAF logs.
The attached image shows waflog movement but I still have my waflog at (0). I also attached the profile for your reference.
You do not have the required permissions to view the files attached to this post.
-
npolovenko
- Support Tech
- Posts: 3457
- Joined: Mon May 15, 2017 5:00 pm
Re: Nagios suddenly stopped sending logs
@tcsdi, On your second screenshot waflog has a value of 4.131 but it's 0 on the legend. I'm not sure how that is possible. Were you hovering over the old data?
But the reason why you're not receiving logs for the waflog and the dnslog is because listening ports are not open in the firewall. See the "Firewall Ports" section of this tutorial.
https://assets.nagios.com/downloads/nag ... Inputs.pdf
You need to open ports: 2055,5545,5543,5541
But the reason why you're not receiving logs for the waflog and the dnslog is because listening ports are not open in the firewall. See the "Firewall Ports" section of this tutorial.
https://assets.nagios.com/downloads/nag ... Inputs.pdf
You need to open ports: 2055,5545,5543,5541
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.