Nagios Support Forum

Hello,

Recently a user installed nxlog on a server, and configured the service to send the IIS logs to the Nagios Log Server.

However, the user misconfigured nxlog.conf, which generated many parse errors in logstash, consuming 100% of space in /var (/var/log/logstash/)

• 1) How can I configure logstash, to leave a maximum of 2 days of logs?

• 2) I would also like a procedure for complete deactivation of the log, if necessary in some emergency.

You can specify the days of logs using the Maintenance Settings located in --> NLS Home --> Admin --> Snapshots & Maintenance

Delete indexes older than x

Here's our guide also.

https://assets.nagios.com/downloads/nag ... enance.pdf

2) I would also like a procedure for complete deactivation of the log, if necessary in some emergency.

As for this, a complete deactivation would be to delete the IIS log Nxlog Input from the nxlog.conffile.
Then restart the nxlog service.

Hello,

The problem is not in nxlog.

On the rotation of logs, I've already found how to modify by changing the file /etc/logrotate.d/nagioslogserver

But, I want to disable the logs gerenated by logstash in the directory /var/log/logstash.

How can I configure logstash, so it does not generate any log.

In the /etc/init.d/logstash (daemon).

I commented out this line. (Put a # in front of it) Then restart logstash Now in /var/log/logstash/logstash.log

This is the last log I am seeing. Of course, in the interface, I am still receiving logs. I hope this helps! Let us know if you have any more questions.