Hi
We are trying a POC , where we are trying to replace IP's with Hostnames in Nagios Log Server.
We are pushing the Logs from AEM(Adobe Experience Manager -Enterprise CMS) to Nagios Log Server.
We tried configuring the dashboard in Nagios Log Server with Hostnames replacing IP's but the logs are not getting populated.
We are looking at the server logs of Nagios Log Server and we couldn't find the cause of the issue.
Can you please help us on getting the logs populated without any issues by replacing hostnames with IP's?
Thanks
Aneesh
unable to Replace ip with Hostnames in Nagios Log Server
-
nagiosadminAD
- Posts: 16
- Joined: Tue Jan 30, 2018 5:28 am
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: unable to Replace ip with Hostnames in Nagios Log Server
Hi,
Welcome to the Nagiso Customer Support Forum!
Looking this over, I believe using the DNS filter would work for you, let me know.
This is pretty well documented in the following thread.
FQDN instead of IP
Take a look and let us know if you have more questions or need any assistance.
Regards,
Benjamin
Welcome to the Nagiso Customer Support Forum!
Looking this over, I believe using the DNS filter would work for you, let me know.
This is pretty well documented in the following thread.
FQDN instead of IP
Take a look and let us know if you have more questions or need any assistance.
Regards,
Benjamin
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
-
nagiosadminAD
- Posts: 16
- Joined: Tue Jan 30, 2018 5:28 am
Re: unable to Replace ip with Hostnames in Nagios Log Server
Thanks for the response.
As per my understanding, DNS Filter is a configuration where we are mapping the IP to DNS or Hostname.
Let's say if we may change servers(for increasing disk space) in Dev Environment, Hostname is permanent for a particular environment and IP's may change and we need to manually update the IP's in configuration.
But we are looking for something where we configure Hostname which may not change if we move from one server to one server for a particular environment because Hostnames tend to be permanent but IP''s won't.
Can you please let us know if there is any configuration in Nagios Log Server where IP''s should not be used and instead Hostnames are Configured which doesn't affect normal functioning of Nagios Log Server.
Thanks
Aneesh
As per my understanding, DNS Filter is a configuration where we are mapping the IP to DNS or Hostname.
Let's say if we may change servers(for increasing disk space) in Dev Environment, Hostname is permanent for a particular environment and IP's may change and we need to manually update the IP's in configuration.
But we are looking for something where we configure Hostname which may not change if we move from one server to one server for a particular environment because Hostnames tend to be permanent but IP''s won't.
Can you please let us know if there is any configuration in Nagios Log Server where IP''s should not be used and instead Hostnames are Configured which doesn't affect normal functioning of Nagios Log Server.
Thanks
Aneesh
Re: unable to Replace ip with Hostnames in Nagios Log Server
If the logs contain a hostname it can be extracted using a grok filter.
If the logs do not contain a hostname then I would recommend the DNS filter as was pointed out before. The DNS filter relies on the system's DNS to do forward and reverse lookups. If DNS is setup properly, it is really the best method to get the hostname.
If DNS isn't an option then I would probably look into setting up a translate filter - https://www.elastic.co/guide/en/logstas ... slate.html. This does not seem like something I would want to maintain for any more than a few hosts however.
If the logs do not contain a hostname then I would recommend the DNS filter as was pointed out before. The DNS filter relies on the system's DNS to do forward and reverse lookups. If DNS is setup properly, it is really the best method to get the hostname.
If DNS isn't an option then I would probably look into setting up a translate filter - https://www.elastic.co/guide/en/logstas ... slate.html. This does not seem like something I would want to maintain for any more than a few hosts however.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
-
nagiosadminAD
- Posts: 16
- Joined: Tue Jan 30, 2018 5:28 am
Re: unable to Replace ip with Hostnames in Nagios Log Server
Thanks for your response.
Can you please specify additional details on grok filter?
we would like to know more details like purpose of grok filter and how to configure /implement it.
so that we it would be helpful to analyze whether this approach is suitable for our POC.
Thanks
Aneesh
Can you please specify additional details on grok filter?
we would like to know more details like purpose of grok filter and how to configure /implement it.
so that we it would be helpful to analyze whether this approach is suitable for our POC.
Thanks
Aneesh
Re: unable to Replace ip with Hostnames in Nagios Log Server
Parsing a log is covered in detail in this document:
https://assets.nagios.com/downloads/nag ... ilters.pdf
https://assets.nagios.com/downloads/nag ... ilters.pdf
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.