This support forum board is for support questions relating to
Nagios Log Server , our solution for managing and monitoring critical log data.
rlinux57
Posts: 324 Joined: Mon Dec 08, 2014 12:03 am
Post
by rlinux57 Wed Jan 27, 2016 2:21 pm
Elasticsearch is running. I have setup NLS via this document "Manual-Installation-Instructions-For-Nagios-Log-Server.pdf"
Code: Select all
[root@logs ~]# cat /etc/sysconfig/logstash
###############################
# Default settings for logstash
###############################
# Override Java location
#JAVACMD=/usr/bin/java
# Set a home directory
APP_DIR=/usr/local/nagioslogserver
LS_HOME="$APP_DIR/logstash"
# set ES_CLUSTER
ES_CLUSTER=$(cat $APP_DIR/var/cluster_uuid)
# Arguments to pass to java
#LS_HEAP_SIZE="256m"
LS_JAVA_OPTS="-Djava.io.tmpdir=$APP_DIR/tmp"
# Logstash filter worker threads
#LS_WORKER_THREADS=1
# pidfiles aren't used for upstart; this is for sysv users.
#LS_PIDFILE=/var/run/logstash.pid
# user id to be invoked as; for upstart: edit /etc/init/logstash.conf
LS_USER=nagios
LS_GROUP=nagios
# logstash logging
#LS_LOG_FILE=/var/log/logstash/logstash.log
#LS_USE_GC_LOGGING="true"
# logstash configuration directory
LS_CONF_DIR="$LS_HOME/etc/conf.d"
# Open file limit; cannot be overridden in upstart
#LS_OPEN_FILES=2048
# Nice level
#LS_NICE=0
# Increase Filter workers to 4 threads
LS_OPTS=" -w 4"
if [ "x$1" == "xstart" -o "x$1" == "xrestart" -o "x$1" == "xreload" ];then
GET_LOGSTASH_CONFIG_MESSAGE=$( php /usr/local/nagioslogserver/scripts/get_logstash_config.php )
GET_LOGSTASH_CONFIG_RETURN=$?
if [ "$GET_LOGSTASH_CONFIG_RETURN" != "0" ]; then
echo $GET_LOGSTASH_CONFIG_MESSAGE
exit 1
jolson
Attack Rabbit
Posts: 2560 Joined: Thu Feb 12, 2015 12:40 pm
Post
by jolson Wed Jan 27, 2016 2:37 pm
It looks like you're missing two closing 'fi' commands at the end of your /etc/sysconfig/logstash file. Do they exist?
Working system:
Code: Select all
[root@localhost sysconfig]# tail /etc/sysconfig/logstash
LS_OPTS=" -w 4"
if [ "x$1" == "xstart" -o "x$1" == "xrestart" -o "x$1" == "xreload" ];then
GET_LOGSTASH_CONFIG_MESSAGE=$( php /usr/local/nagioslogserver/scripts/get_logstash_config.php )
GET_LOGSTASH_CONFIG_RETURN=$?
if [ "$GET_LOGSTASH_CONFIG_RETURN" != "0" ]; then
echo $GET_LOGSTASH_CONFIG_MESSAGE
exit 1
fi
fi
I imagine you're using CentOS/RHEL/Oracle Linux?
Does this file exist?
Code: Select all
ls -l /var/run/logstash/logstash.pid
How old is the nagios user account?
Twits Blog
Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
rlinux57
Posts: 324 Joined: Mon Dec 08, 2014 12:03 am
Post
by rlinux57 Wed Jan 27, 2016 2:44 pm
Code: Select all
[root@logs ~]# tail /etc/sysconfig/logstash
LS_OPTS=" -w 4"
if [ "x$1" == "xstart" -o "x$1" == "xrestart" -o "x$1" == "xreload" ];then
GET_LOGSTASH_CONFIG_MESSAGE=$( php /usr/local/nagioslogserver/scripts/get_logstash_config.php )
GET_LOGSTASH_CONFIG_RETURN=$?
if [ "$GET_LOGSTASH_CONFIG_RETURN" != "0" ]; then
echo $GET_LOGSTASH_CONFIG_MESSAGE
exit 1
fi
fiCode: Select all
cat /etc/redhat-release
CentOS release 6.7 (Final)
Code: Select all
ls -l /var/run/logstash/logstash.pid
-rw-r--r-- 1 nagios nagios 6 Jan 27 22:51 /var/run/logstash/logstash.pid
Code: Select all
chage -l nagios
Last password change : Jan 18, 2016
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
jolson
Attack Rabbit
Posts: 2560 Joined: Thu Feb 12, 2015 12:40 pm
Post
by jolson Wed Jan 27, 2016 2:58 pm
The PID file may be halting our attempt to start Logstash. Try the following:
Code: Select all
mv /var/run/logstash/logstash.pid ~
service logstash restartTwits Blog
Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
rlinux57
Posts: 324 Joined: Mon Dec 08, 2014 12:03 am
Post
by rlinux57 Wed Jan 27, 2016 3:42 pm
I have moved as per your direction but still:
Code: Select all
service logstash restart
Restarting Logstash Daemon: [FAILED]
WARNING: Default JAVA_OPTS will be overridden by the JAVA_OPTS defined in the environment. Environment JAVA_OPTS are -Djava.io.tmpdir=/usr/local/nagioslogserver/tmp
Error: Could not create the Java Virtual Machine.
Error: A fatal exception has occurred. Program will exit.
/etc/init.d/logstash: line 99: [: 5828: unary operator expected
tmcdonald
Posts: 9117 Joined: Mon Sep 23, 2013 8:40 am
Post
by tmcdonald Thu Jan 28, 2016 2:16 pm
Please attach your /etc/init.d/logstash file.
Former Nagios employee
rlinux57
Posts: 324 Joined: Mon Dec 08, 2014 12:03 am
Post
by rlinux57 Thu Jan 28, 2016 3:15 pm
Please find attachment.
You do not have the required permissions to view the files attached to this post.
scottwilkerson
DevOps Engineer
Posts: 19396 Joined: Tue Nov 15, 2011 3:11 pmLocation: Nagios Enterprises
Contact:
Post
by scottwilkerson Thu Jan 28, 2016 3:30 pm
What OS are you running?