Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Using one NLS to forward logs to another NLS

https://support.nagios.com/forum/viewtopic.php?t=49435

Page 1 of 1

Using one NLS to forward logs to another NLS

Posted: Mon Jul 16, 2018 7:02 am
by mgarrity10
Is it possible to use an output rule to forward all logs from one Nagios Log Server instance to a second Nagios Log Server Instance? If so, how is this done?

Re: Using one NLS to forward logs to another NLS

Posted: Tue Jul 17, 2018 11:25 am
by cdienger
You can configure the forwarding NLS machine with an output like so under Configure > Global > Global Config > Show Outputs:

elasticsearch {
hosts => ['w.x.y.z']
document_type => '%{type}'
workers => 4
}

Where w.x.y.z is the IP address of the receiveing NLS machine.

The recieving machine's elasticsearch instance only listens on localhost by default, but you can change this by editing /usr/local/nagioslogserver/elasticsearch/config/elasticsearch.yml, and changing the line:

http.host: "localhost"

to:

http.host: 0.0.0.0

and then restarting elasticsearch:

service elasticsearch restart

That should be all there is to set it up. All records sent to he first instance will now be forwarded.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited