Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Changing the IP Address Nagios LS listens to

https://support.nagios.com/forum/viewtopic.php?t=48868

Page 1 of 1

Changing the IP Address Nagios LS listens to

Posted: Tue Jun 05, 2018 12:42 pm
by nms
Hi,

We own Nagios XI and lately we are starting the evaluation of the Nagios Log Server.
I have installed the LS on a Centos 6.9 which have two IP Address, eth0 used for mgmt, while the eth1 is used for production purposes.
Once the installation was finished i logged in successful to the url given, which was the eth0 mgmt one.
However our devices are setup to send syslog messages towards the production interface (eth1).
Is there a way of configuring the LS to listen on the eth1 address, default port 514, whilst leaving the LS URL access to the mgmt one?

Rgds,

Matthew

Re: Changing the IP Address Nagios LS listens to

Posted: Tue Jun 05, 2018 2:23 pm
by cdienger
Did you want to actively deny LS traffic from coming in on eth0? LS by default should be listening on all interfaces(likewise for the web UI). This can be done with some iptables/firewall rules, but I just want to be clear on exactly what is being requested.

LS will not be able to listen on port 514 by default since 514 is considered a privileged port and requires elevated permissions to open it. https://assets.nagios.com/downloads/nag ... Server.pdf covers enabling privileged ports if needed. You can then modify the default syslog input to listen on port 514 by editing it and changing the config to:

syslog {
type => 'syslog'
port => 514
use_labels => 'false'
}

Re: Changing the IP Address Nagios LS listens to

Posted: Wed Jun 06, 2018 3:04 am
by nms
Hi cdienger,

Thanks for your reply. I assumed it should listen on both interfaces, but i see the config set as:

Code: Select all

Logstash is currently collecting locally on: 10.192.254.45 tcp: 514, 2056, 2057, 3515udp: 514
Which 10.192.254.45 address is eth0 (Also the webgui). I found no problems in changing the udp port as you can see above.
The next step was to verify that i am receiving messages to this server, in which i am. An example attached (Syslog messages hitting the eth1 interface 10.192.4.10).

This means no firewall rules involved, also the iptables rules on linux are flushed.
Do i need to build another instance for 10.192.4.10?

Rgds,

Matthew

Re: Changing the IP Address Nagios LS listens to

Posted: Wed Jun 06, 2018 12:59 pm
by cdienger
No need to build another instance. The UI is just showing the first interface it finds, but as you've tested, it is listening on the other interface as well. Simply point devices to send data to eth1 and use eth0 to manage it.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited