
Better Apache Dashboard

Posted: Thu Dec 03, 2015 1:56 pm
by comfone
Hi All,
The Better Apache Dashboard is not showing the queries "log sources", "Events" and "Bandwidth".
Why could that be?
That is the filter I am using:

if [type] == 'apache_access_log' {
    grok {
        match => [ 'message', '%{COMMONAPACHELOG}']
    }
    geoip {
        source => 'clientip'
    }
    date {
        match => [ 'timestamp', 'dd/MMM/yyyy:HH:mm:ss Z' ]
    }
    mutate {
        replace => [ 'type', 'apache_access' ]
        convert => [ 'bytes', 'integer' ]
        convert => [ 'response', 'integer' ]
    }
}

if [type] == 'apache_error_log' {
    grok {
        match => [ 'message', '\[(?<timestamp>%{DAY:day} %{MONTH:month} %{MONTHDAY} %{TIME} %{YEAR})\] \[.*:%{LOGLEVEL:loglevel}\] \[pid %{NUMBER:pid}\] \[client %{IP:clientip}:.*\] %{GREEDYDATA:errormsg}']
    }
    mutate {
        replace => [ 'type', 'apache_error' ]
    }
}

Re: Better Apache Dashboard

Posted: Thu Dec 03, 2015 4:01 pm
by jolson
Could I please see a few example apache logs that are entering your system? I'd like you to open up a few logs from the NLS GUI and show me the output of the 'messages' field.

This is a query that may be better served through a remote session - if you'd like a remote to get this resolved more quickly feel free to email [email protected] and I'll pick up the ticket. Thanks!

Re: Better Apache Dashboard

Posted: Fri Dec 04, 2015 2:29 pm
by comfone
Thank you for your help.
Cheers,

Re: Better Apache Dashboard

Posted: Fri Dec 04, 2015 2:36 pm
by jolson
No problem, happy to help! I'll close this thread out since the problem was resolved in the remote session. Ultimately the filter had to be modified to include the rsyslog information as well as the apache information. Thanks!

Jesse