Is there a way to bulk import in rules and alerts? I'm about 300 alerts into a 5000+ setup job and my eyes are going to melt out of my head.
I see there is functionality to export and import queries and i'm hoping there is something like this for alerts also.
Also Where are these alerts stored so if I need to backup all of them or copy them to a replacement system I will be able to also i'm curious to poke at them if they are flat files and see if there is any automation magic I can do with them.
Your alerts are stored in the 'nagioslogserver' index maintained in the elasticsearch database. These indices use some lucene magic on the backend, so unfortunately there aren't flat files that we can mess with here. If you'd like to take a look at the files generated by the index in question, they are located here: /usr/local/nagioslogserver/elasticsearch/data/xxx-xxx/nodes/0/indices/nagioslogserver/0/index/ - keep in mind that most of these files aren't readable.
The 'nagioslogserver' index is backed up daily by a cron job that runs - you can view these backups in your /store/backups/nagioslogserver directory.
As for bulk importing alerts, I think that's a great idea and will submit a feature request on your behalf.
TwitsBlog Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
Your alerts are stored in the 'nagioslogserver' index maintained in the elasticsearch database. These indices use some lucene magic on the backend, so unfortunately there aren't flat files that we can mess with here. If you'd like to take a look at the files generated by the index in question, they are located here: /usr/local/nagioslogserver/elasticsearch/data/xxx-xxx/nodes/0/indices/nagioslogserver/0/index/ - keep in mind that most of these files aren't readable.
The 'nagioslogserver' index is backed up daily by a cron job that runs - you can view these backups in your /store/backups/nagioslogserver directory.
As for bulk importing alerts, I think that's a great idea and will submit a feature request on your behalf.
Yes pretty please put in a feature request for that. This feature would save me a huge amount of time. Currently I'm making a dashboard with the query for whatever alert I'm making, which normally is comprised of 4 or 5 filters. Then creating an alert from that. Were using NDRP so I need to then create a dummy service in nagios. I just have 1 host for all the services coming in from NDRP so at least I don't need to create a host every time.
Another feature that would be nice is the ability to have multiple alert options. i.e send an e-mail and go to the dashboard. I have several alerts that need to notify multiple groups but our operations team uses a central dashboard using NRDP and everyone else just needs to receive an e-mail. So i may need to create some of these alerts twice.
Also if you could make the "manage queries" window that pops out for saving and searching queries a bit bigger that would be nice too but this is just my wishlist.
In the feature request I have explicitly mentioned this forum post, so whoever handles it will likely read what you have written when reviewing it. I also added your notes to the feature request as additional information.
I agree with you on all points.
TwitsBlog Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
jolson wrote:In the feature request I have explicitly mentioned this forum post, so whoever handles it will likely read what you have written when reviewing it. I also added your notes to the feature request as additional information.
I'll keep this thread open in case there's anything else other clients might like to add, as this feature request is pretty open-ended. Thanks for the suggestions Jklre!
Jesse
TwitsBlog Show me a man who lives alone and has a perpetually clean kitchen, and 8 times out of 9 I'll show you a man with detestable spiritual qualities.
