Page 1 of 1
question for yah.
Posted: Tue Jan 20, 2015 2:16 pm
by benhank
How do I get NLS to give me a readout of the systems reporting to it?
For a special reason I cant use the query options. Does the server have some file that I can pull up?
Re: question for yah.
Posted: Tue Jan 20, 2015 2:22 pm
by eloyd
To my knowledge, since there is no setup required on the NLS side to send logs to it, there is no central config file or other repository besides the elasticsearch/logstash indices that contain that information. If you cannot run a query, and assuming you cannot mouse over the event list to see what shows up from "loghost," then you might need to look at network traffic to find out.
I'm sure someone know more than I do about this.
Re: question for yah.
Posted: Tue Jan 20, 2015 3:45 pm
by slansing
You can also take a look at Dashboards > Top sources and types, it will show you the list of remote hosts in the Host panel.
Re: question for yah.
Posted: Tue Jan 20, 2015 3:48 pm
by eloyd
For a special reason I cant use the query options. Does the server have some file that I can pull up?
I read this as wanting to accomplish this task from the command line, somehow. I suppose you could write a query URL and do it that way, too.
Re: question for yah.
Posted: Tue Jan 20, 2015 4:12 pm
by tmcdonald
I believe the "Retrieving logs from X hosts" is just looking at the count of unique hosts in the elasticsearch database. That's all I can think of since neither Logstash nor Elasticsearch really keep a tally on that sort of thing, so a query would be the only way.
Re: question for yah.
Posted: Wed Jan 21, 2015 11:23 am
by benhank
Hey Thanks for the info T !.If no one else on the team has any other info, you can lock it up!