Consolidate nagios.log and other nagios subsystem logs to syslog or journalctl

[gregbeyer]

I posted this on 11/1, but my post is gone today. So I'll re-post. I have counted thirty (30) different logs for nagiosxi and its subcomponents scattered in various /usr/local/ directories and elsewhere. I haven't counted the mysql database log file(s) yet. Further, some logs have conventional date/time stamps, some use epoch time stamps and some have no date/time stamp at all. This is a lot of different logs that have to be searched for troubleshooting Nagios XI issues. The lack of a uniform timestamp makes the task that much more difficult.

Is there a way to send all nagios files to syslog or journalctl so that there is one place to search for nagios events and have a uniform time stamp? I've searched Nagios documentation, find nothing thus far. Thanks.

[jmichaelson]

Hi Greg, I'm unaware of anything at the moment, but it's a really good idea. I'll write up a suggestion internally for it.

[kg2857]

This can be done w/ syslog/rsyslog.

[gregbeyer]

found that for RHEL I can use module imfile - https://docs.redhat.com/en/documentatio ... og_modules

[snapier3]

found that for RHEL I can use module imfile - https://docs.redhat.com/en/documentatio ... og_modules

IBM has a really good write-up on how to use imfile in Ubuntu with Apache logs.
https://www.ibm.com/support/pages/qrada ... ccess-logs
You can extrapolate how to use it with different logs.