hey bro,
if you are ok with nrpe, just run the linux wiz in XI and add the logstash daemon's here is what it looks like on my nagios setup:
BTW, aside from logstash and elasticsearch what other services should should I be checking?
what does this mean?
Re: what does this mean?
You do not have the required permissions to view the files attached to this post.
Proudly running:
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
Re: what does this mean?
Pretend I don't use XI?
Pretend I want NLS to use the same logic it uses for notifications?
Pretend I bought NLS without using Nagios Core/XI?
Pretend I want NLS to use the same logic it uses for notifications?
Pretend I bought NLS without using Nagios Core/XI?
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
Re: what does this mean?
benhank, what about SSH, HTTP, CRON?
Re: what does this mean?
The important services are as follows:BTW, aside from logstash and elasticsearch what other services should should I be checking?
elasticsearch
logstash
crond
ntpd (if you're running it)
httpd
sshd
Re: what does this mean?
As they say In the Great book of IT: " It is written, thou art screwed" =D <----the happy face is actually part of the writing. jk jk.
edited.
I just realized what you meant. Seems logical that you would be able to report on the two services. Ill do you a solid and test shutting down the services on my dev box and give you the results.
edited.
I just realized what you meant. Seems logical that you would be able to report on the two services. Ill do you a solid and test shutting down the services on my dev box and give you the results.
Proudly running:
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
Re: what does this mean?
Our Nagios already monitors the services on our NLS box and event handlers restart them. I guess I could just do that myself and see, but I'll wait till your solid is done. Thanks, brother.
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
Re: what does this mean?
Well this is weird, I have this compulsion to reply to this post but you guys are doing support for each other... Huh.
If benhank isn't back soon, we'll send out a search party and we can do the test ourselves if you would like.
If benhank isn't back soon, we'll send out a search party and we can do the test ourselves if you would like.
Former Nagios employee
Re: what does this mean?
#NagiosUsersLoveEachOther
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
Re: what does this mean?
ok here is what I found.
I couldn't figure out how to do it. I don't know what the messages is logged into the syslog when the service status is down.
BUT what I remembered is that a while ago I was having an issue in which my logstash service died on me at random times.
What tmcdonald did was set up a teeny weeny cron job that ran from my tmp dir. It checked the logstash and ES status, and if they failed the cron job restarted them as well as logged the status results to a file in the tmp dir. Perhaps the script could be modified to also send a message to whomever when the service is down or was restarted?
I couldn't figure out how to do it. I don't know what the messages is logged into the syslog when the service status is down.
BUT what I remembered is that a while ago I was having an issue in which my logstash service died on me at random times.
What tmcdonald did was set up a teeny weeny cron job that ran from my tmp dir. It checked the logstash and ES status, and if they failed the cron job restarted them as well as logged the status results to a file in the tmp dir. Perhaps the script could be modified to also send a message to whomever when the service is down or was restarted?
Proudly running:
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
Re: what does this mean?
Possibly?
Would be a bit more complicated since now we have to deal with SMTP settings and things but it isn't out of the realm of possibility.
Is this a serious question eloyd or a "what-if" situation?
Would be a bit more complicated since now we have to deal with SMTP settings and things but it isn't out of the realm of possibility.
Is this a serious question eloyd or a "what-if" situation?
Former Nagios employee