Nagios Support Forum

@tcsdi, Thank you. My other recommendation is to increase the Logstash heap size and open files limits. Please follow this article and let me know if this helps.
https://support.nagios.com/kb/article/n ... g-576.html

npolovenko wrote:@tcsdi, Thank you. My other recommendation is to increase the Logstash heap size and open files limits. Please follow this article and let me know if this helps.
https://support.nagios.com/kb/article/n ... g-576.html

Hi @npolovenko,

We tried creating a new server, installed nagioslogserver and tried to restore the backup from the old one using this, https://assets.nagios.com/downloads/nag ... Server.pdf

You can check out the attachments for a screenshot of the old and new server.

1. Should I use the same hostname and IP address on the new server?

2. Also, do I need to have the same cluster ID and instance ID from the old one?

@tcsdi, After you spin up a new log server instance you should import logs from the repo. Then you can change the hostname and IP address on the new LS to match the old one. That way all configured logs will keep coming to the same location. Don't forget to turn off the old LS before you do that to avoid any network conflicts. Cluster ID and Instance ID don't have to be the same.

npolovenko wrote:@tcsdi, After you spin up a new log server instance you should import logs from the repo. Then you can change the hostname and IP address on the new LS to match the old one. That way all configured logs will keep coming to the same location. Don't forget to turn off the old LS before you do that to avoid any network conflicts. Cluster ID and Instance ID don't have to be the same.

Hi @npolovenko,

Nagios LS is now working, however I encountered some issues. I'm currently not receiving DNS logs and WAF logs.

The attached image shows waflog movement but I still have my waflog at (0). I also attached the profile for your reference.

@tcsdi, On your second screenshot waflog has a value of 4.131 but it's 0 on the legend. I'm not sure how that is possible. Were you hovering over the old data?
But the reason why you're not receiving logs for the waflog and the dnslog is because listening ports are not open in the firewall. See the "Firewall Ports" section of this tutorial.
https://assets.nagios.com/downloads/nag ... Inputs.pdf
You need to open ports: 2055,5545,5543,5541