Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Splunk access to Nagios NDOUtils data

https://support.nagios.com/forum/viewtopic.php?t=45182

Page 1 of 1

Splunk access to Nagios NDOUtils data

Posted: Wed Aug 16, 2017 12:42 am
by raamardhani7
Hi Team,

We are setting up Splunk to pull in Nagios logs.So we need to create read only access to the MySQL instance(s) that hold the Nagios telemetry data (NDOUtils) for the some user xyz.

Could please let us know is this possible to create and if we can create could please share the steps.

Re: Splunk access to Nagios NDOUtils data

Posted: Wed Aug 16, 2017 11:43 am
by dwhitfield
raamardhani7 wrote: We are setting up Splunk to pull in Nagios logs.
Can you explain a bit more why you need to pull this from the database? There's https://assets.nagios.com/downloads/nag ... ptions.pdf

Also, if you need ndo2db logs specifically, there's a ndo2db.debug file that is used when debug_level is set to something other than 0 in /usr/local/nagios/etc/ndo2db.cfg

I suppose I would be remiss if I did not also point you to https://www.nagios.com/products/nagios-log-server/

Lastly, what kind of user are you talking about? XI contact, XI user, Linux user?

Re: Splunk access to Nagios NDOUtils data

Posted: Fri Aug 18, 2017 7:21 am
by raamardhani7
Hi,

We have most devices logging to Splunk and would like to connect to the Nagios servers for the networking and server monitoring.
What is needed from the our Nagios side is:
1.have NDOUtils installed on your Nagios instance(we already have )
2. have an account with read privileges on the MySQL database of NDOUtils



Could please let me know how to create read only access to the MySQL instance(s) that hold the Nagios telemetry data (NDOUtils) for the splunk user .This is very urgent.Could please help.

Re: Splunk access to Nagios NDOUtils data

Posted: Fri Aug 18, 2017 8:23 am
by mcapra
I would highly recommend collaborating with your MySQL administrator on this, as no one here knows the full structure of your organization or it's policies regarding such matters.

Here are some examples of how to add read-only MySQL users, but again I would highly recommend working with your MySQL administrator on this.
http://www.alphadevx.com/a/388-Adding-a ... MySQL-user

If you copy+paste the commands in that article, this will not work. You will need a bit of intuition. The NDOUtils database you will need to grand the SELECT privilege to is nagios.

Re: Splunk access to Nagios NDOUtils data

Posted: Fri Aug 18, 2017 12:02 pm
by dwhitfield
If you download our installer and extract it, you can run the following command in /tmp/nagiosxi to get an idea of how we do it grep -R GRANT

Basically, instead of GRANT ALL, you'd GRANT SELECT.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited