Nagios Support Forum

Posted: **Wed Oct 17, 2018 1:37 pm**

Hello,

is there a way where we can have a canned query run at a specific time/date? thanks

Posted: **Wed Oct 17, 2018 3:46 pm**

@mtarose, If you have Nagios XI you could use the Log Server Query wizard that integrates with the log server and runs already existing or a new query in the specified time. Here's more information on how to set it up:
https://support.nagios.com/kb/article.php?id=75

Posted: **Fri Oct 19, 2018 1:51 pm**

Hello,

we do not use nagios XI. is there a way to run the lucene query from a cli/bash/python environment?

thanks

Posted: **Fri Oct 19, 2018 4:06 pm**

@mtarose, As of right now, I can't think of any other way. You could request a custom Dev assistance by emailing [email protected].

Posted: **Mon Oct 22, 2018 11:25 am**

mtarose wrote:is there a way to run the lucene query from a cli/bash/python environment?

Totally. You can either use the Nagios Log Server API to hit the Elasticsearch API, or if this is running on an NLS node hit the ElasticSearch API directly:
https://www.elastic.co/guide/en/elastic ... /docs.html

curl is a handy CLI based HTTP client that can be used to hit either of those APIs. It ships with most CentOS/RHEL installations.

Though I'm not sure what good just running a query is. I'd imagine you'd like to analyze the results, which would also need to be baked into this script.

Posted: **Mon Oct 22, 2018 5:02 pm**

Thanks, @mcapra. After some research I found a syntax you'd use for the API query:

curl -XPOST http://192.165.53.6/nagioslogserver/ind ... heck/query -d 'token=1396e08757545557073844695e5b64caa0bd3ad3&minutes=99&query=<url_encoded_query>&warning=1&critical=2'

Here's an example of a URL encoded query:

%7B%0A%09%22query%22%3A+%7B%0A%09%09%22filtered%22%3A+%7B%0A%09%09%09%22query %22%3A+%7B%0A%09%09%09%09%22bool%22%3A+%7B%0A%09%09%09%09%09%22should%22%3A+%5B% 0A%09%09%09%09%09%09%7B%0A%09%09%09%09%09%09%09%22query_string%22%3A+%7B%0A%09%0 9%09%09%09%09%09%09%22query%22%3A+%22test9%22%0A%09%09%09%09%09%09%09%7D%0A%09%0 9%09%09%09%09%7D%0A%09%09%09%09%09%5D%0A%09%09%09%09%7D%0A%09%09%09%7D%2C%0A%09% 09%09%22filter%22%3A+%7B%0A%09%09%09%09%22bool%22%3A+%7B%0A%09%09%09%09%09%22mus t%22%3A+%5B%0A%09%09%09%09%09%09%7B%0A%09%09%09%09%09%09%09%22range%22%3A+%7B%0A %09%09%09%09%09%09%09%09%22%40timestamp%22%3A+%7B%0A%09%09%09%09%09%09%09%09%09% 22from%22%3A+0%2C%0A%09%09%09%09%09%09%09%09%09%22to%22%3A+0%0A%09%09%09%09%09%0 9%09%09%7D%0A%09%09%09%09%09%09%09%7D%0A%09%09%09%09%09%09%7D%0A%09%09%09%09%09% 5D%0A%09%09%09%09%7D%0A%09%09%09%7D%0A%09%09%7D%0A%09%7D%0A%7D

Here's the tool to encode queries:
https://www.url-encode-decode.com/

Let us know if you have any questions.

Nagios Support Forum

Query to run at specified times

Query to run at specified times

Re: Query to run at specified times

Re: Query to run at specified times

Re: Query to run at specified times

Re: Query to run at specified times

Re: Query to run at specified times