I wanna kick ELK to the curb!

benhank · Post by **benhank** » Tue Oct 21, 2014 4:51 pm

How would I set up NLS to pull in old logs and data that has already been processed by my ELK stack?

abrist · Post by **abrist** » Wed Oct 22, 2014 1:28 pm

This is a good question. I am going to pull in a dev on this one. More shortly.

scottwilkerson · Post by **scottwilkerson** » Wed Oct 22, 2014 1:48 pm

Here's the quick way to accomplish this..

Add the following input to just ONE instance of your Nagios Log Server cluster
Admin -> PER INSTANCE (ADVANCED) -> Select 1 instance -> Add Input
Then, based on this input you will add something like the following to connect to your OLD ELK server

Code: Select all

input {
  # Read all documents from Elasticsearch matching the given query
  elasticsearch {
    host => "YOUR_OLD_SERVER_HOSTNAME"
    size => 10000
  }
}

Then, Apply configuration, and all of data will be pulled into Log Server from your existing ELK stack.

benhank · Post by **benhank** » Mon Oct 27, 2014 1:21 pm

all set can be locked

Nagios Support Forum

I wanna kick ELK to the curb!

I wanna kick ELK to the curb!

Re: I wanna kick ELK to the curb!

Re: I wanna kick ELK to the curb!

Re: I wanna kick ELK to the curb!