Trial User - A few questions

Posted: Fri Sep 02, 2016 5:09 pm
by ciaranrh
Hello,

I've been running the Nagios Logs trial, I must say I'm quite enjoying the product. I'm coming from an open source ELK stack so the ability to have email alerts is a huge selling point for me.

I have a few questions I was hoping to get some input on:
1. Our development team has an internal application that uses the Elasticsearch Java API to query for certain logs, is there any discrepancy between the Elasticsearch bundled with the Nagios Logs VM image and a stock install of Elasticsearch?
2. Is it possible to further configure index retention via the GUI? I see the option to delete all indexes older than X number of days but we were hoping to customize that based off index data.

For number 2 I presume this would have to be done via the ES REST API as a cronjob on the server, or the Logstash config modified to grok certain attributes of a syslog message and submit to a separate index. Perhaps I'm missing something though.

Thanks for any input!

Re: Trial User - A few questions

Posted: Sun Sep 04, 2016 9:43 pm
by eloyd
Answer to #2 is, currently, "no." No fine tuning of indexes, I'm afraid.

Answer to #1 is, "likely." A specific version of logstash and elasticsearch was included in NLS and there are changes from stock OSS. However, you won't hurt anything by poking at the API, so feel free to try it out!
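
Added example, not part of the thread and not Nagios Log Server code: one way to plan the per-index retention that question 2 describes, as a script a cron job could run before issuing Elasticsearch delete-index calls. It assumes daily indices named `<prefix>-YYYY.MM.DD`, a hypothetical `audit` prefix for logs routed to a separate index, and Elasticsearch listening on `localhost:9200`; the index list and policy are constructed sample data.

```python
import re
from datetime import date, datetime

# Assumed naming: <prefix>-YYYY.MM.DD daily indices.
INDEX_RE = re.compile(r"(?P<prefix>.+)-(?P<day>\d{4}\.\d{2}\.\d{2})")

def plan_deletions(index_names, retention_days, today):
    """Return, sorted, the indices older than their prefix's retention.

    Names that do not parse, carry an invalid date, or have no policy
    are never selected, so an unexpected index is not deleted by accident.
    """
    expired = []
    for name in index_names:
        m = INDEX_RE.fullmatch(name)
        if not m:
            continue
        keep = retention_days.get(m.group("prefix"))
        if keep is None:
            continue
        try:
            day = datetime.strptime(m.group("day"), "%Y.%m.%d").date()
        except ValueError:
            continue
        if (today - day).days > keep:
            expired.append(name)
    return sorted(expired)

def delete_requests(expired, base_url="http://localhost:9200"):
    """One delete-index request per exact index name, never a wildcard."""
    return [f"DELETE {base_url}/{name}" for name in expired]

# Constructed sample data (not taken from a real server).
SAMPLE_INDICES = [
    "logstash-2016.09.01", "logstash-2016.07.01", "logstash-2016.13.40",
    "audit-2016.07.01", "audit-2015.08.01", "kibana-int", "nagioslogserver",
]
SAMPLE_POLICY = {"logstash": 30, "audit": 365}  # days to keep per prefix

if __name__ == "__main__":
    plan = plan_deletions(SAMPLE_INDICES, SAMPLE_POLICY, date(2016, 9, 7))
    for line in delete_requests(plan):
        print(line)
```

Reviewing the printed plan before sending the requests keeps a mistyped policy from removing logs that are still needed for investigations.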

Re: Trial User - A few questions

Posted: Tue Sep 06, 2016 9:15 am
by mcapra
Thanks @eloyd!

@ciaranrh let us know if you have additional questions!

Re: Trial User - A few questions

Posted: Tue Sep 06, 2016 10:54 am
by ciaranrh
Awesome, thanks for the info. In regards to "A specific version of logstash and elasticsearch was included in NLS and there are changes from stock OSS", what version of Logstash and ES would this be exactly? I want to be able to make sure I'm reviewing the right documentation for the API.

Thanks,
Ciaran

Re: Trial User - A few questions

Posted: Tue Sep 06, 2016 11:05 am
by mcapra
As of version 1.4.2:

Nagios Log Server	1.4.2
Elasticsearch	1.6.0
Logstash	1.5.1
Kibana	3.1.1-nagios3

Re: Trial User - A few questions

Posted: Tue Sep 06, 2016 11:07 am
by eloyd
Elasticsearch 1.6
Logstash 1.5.1

Edit: obviously @mcapra beat me to it. :)

Re: Trial User - A few questions

Posted: Tue Sep 06, 2016 1:15 pm
by rkennedy
Thanks @eloyd!

@ciaranrh - let us know if you have further questions.

Re: Trial User - A few questions

Posted: Wed Sep 07, 2016 11:47 am
by ciaranrh
Another question if I may (I'll likely have a few more, so the patience is appreciated).

In NagiosXI there was a way to add a root CA in the web GUI to allow SSL encryption of LDAP/AD traffic; does NLS offer a similar feature? I can't seem to locate the option myself in the NLS web GUI.

Thanks,
Ciaran

Re: Trial User - A few questions

Posted: Wed Sep 07, 2016 2:38 pm
by mcapra
Not through the web GUI. You should be able to install the root CA on the system through the CLI though.

From the LDAP/AD page:

If you're planning on using SSL or TLS with self-signed certificates you need to make sure the proper certificates are installed on the Nagios Log Server server or you will not be able to connect to your LDAP / Active Directory server.