Hi Team,
We are setting up Splunk to pull in Nagios logs.So we need to create read only access to the MySQL instance(s) that hold the Nagios telemetry data (NDOUtils) for the some user xyz.
Could please let us know is this possible to create and if we can create could please share the steps.
Splunk access to Nagios NDOUtils data
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Splunk access to Nagios NDOUtils data
Can you explain a bit more why you need to pull this from the database? There's https://assets.nagios.com/downloads/nag ... ptions.pdfraamardhani7 wrote: We are setting up Splunk to pull in Nagios logs.
Also, if you need ndo2db logs specifically, there's a ndo2db.debug file that is used when debug_level is set to something other than 0 in /usr/local/nagios/etc/ndo2db.cfg
I suppose I would be remiss if I did not also point you to https://www.nagios.com/products/nagios-log-server/
Lastly, what kind of user are you talking about? XI contact, XI user, Linux user?
-
raamardhani7
- Posts: 459
- Joined: Tue Jun 02, 2015 12:36 am
Re: Splunk access to Nagios NDOUtils data
Hi,
We have most devices logging to Splunk and would like to connect to the Nagios servers for the networking and server monitoring.
What is needed from the our Nagios side is:
1.have NDOUtils installed on your Nagios instance(we already have )
2. have an account with read privileges on the MySQL database of NDOUtils
Could please let me know how to create read only access to the MySQL instance(s) that hold the Nagios telemetry data (NDOUtils) for the splunk user .This is very urgent.Could please help.
We have most devices logging to Splunk and would like to connect to the Nagios servers for the networking and server monitoring.
What is needed from the our Nagios side is:
1.have NDOUtils installed on your Nagios instance(we already have )
2. have an account with read privileges on the MySQL database of NDOUtils
Could please let me know how to create read only access to the MySQL instance(s) that hold the Nagios telemetry data (NDOUtils) for the splunk user .This is very urgent.Could please help.
Re: Splunk access to Nagios NDOUtils data
I would highly recommend collaborating with your MySQL administrator on this, as no one here knows the full structure of your organization or it's policies regarding such matters.
Here are some examples of how to add read-only MySQL users, but again I would highly recommend working with your MySQL administrator on this.
http://www.alphadevx.com/a/388-Adding-a ... MySQL-user
If you copy+paste the commands in that article, this will not work. You will need a bit of intuition. The NDOUtils database you will need to grand the SELECT privilege to is nagios.
Here are some examples of how to add read-only MySQL users, but again I would highly recommend working with your MySQL administrator on this.
http://www.alphadevx.com/a/388-Adding-a ... MySQL-user
If you copy+paste the commands in that article, this will not work. You will need a bit of intuition. The NDOUtils database you will need to grand the SELECT privilege to is nagios.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: Splunk access to Nagios NDOUtils data
If you download our installer and extract it, you can run the following command in /tmp/nagiosxi to get an idea of how we do it grep -R GRANT
Basically, instead of GRANT ALL, you'd GRANT SELECT.
Basically, instead of GRANT ALL, you'd GRANT SELECT.