Page 1 of 1
Log server not reporting logs from any server
Posted: Thu May 09, 2019 11:54 am
by bkeating178
I have installed the Nagios Log Server on a server so I could fully test the product out before we purchase it, however, I am having trouble getting my client machines to communicate to the log server and report correctly. At the moment, my log server dashboard is completely blank and doesn't show any devices.
Does anyone have any ideas as to what may or may not be going on?
OS: Ubuntu 18.04
Thanks,
Branden
Re: Log server not reporting logs from any server
Posted: Thu May 09, 2019 1:19 pm
by benjaminsmith
Hi Branden,
If you're evaluating Nagios Log Server, you have the option of registering for a free QuickStart, and we can help you get up and running. You can sign-up here:
https://www.nagios.com/services/quickstart/
What operating system are you running on the client machines? Did you follow the Configuration Setup Guides and Verify Incoming Logs from the UI?
Also, make sure the core processes are running on Nagios Log Server:
Code: Select all
service elasticsearch status
service logstash status
Re: Log server not reporting logs from any server
Posted: Tue Jun 11, 2019 2:14 am
by newmember
For me I did a "tcpdump -i port <receiver port>" on the nagios ls host
This way I could see the traffic coming from the other servers to the correct port.
No traffic, maybe its the nxlog service on the hosts. Check the nxlog log file to see if it has connected to your nagios ls server. Even when you restart the nxlog you will see some traffic in tcpdump.
No traffic, maybe its a firewall somewhere.
eg:
tcpdump -i port 3515 <-- this port is used for Windows event logs.
Then I found out that I had not 'applied' the changes to nagios ls.
Capture.PNG
Maybe this helps.
Re: Log server not reporting logs from any server
Posted: Tue Jun 11, 2019 10:32 am
by benjaminsmith
Hello
@newmember,
Then I found out that I had not 'applied' the changes to nagios ls.
When you applied the changes, did you start receiving logs?
Also, from the screenshot provided, that's an old version of Nagios Log Server. If you're currently evaluating the product, you should upgrade to the latest version.
Here are the instructions for upgrading:
Nagios Log Server Upgrade Instructions
Re: Log server not reporting logs from any server
Posted: Tue Jun 11, 2019 11:08 am
by newmember
Thanks for the keen eye.
This is in pre-production
Yes, I have a request to upgrade to the latest version.
The server is offline and our first few attempts failed to upload because of missing dependencies.
The upgrade fails straight out of the gate because the Redhat host is registered but the RedHat registration fails because the systems are behind a blocked firewall, so no internet access. So the repositories are not available and registration fails.
I will probably need assistance fore the upgrade because I am taking to long by myself.
I am building my inputs as fast as possible, I have 78 sources to develop
I need to get back to the upgrade issues I am having as well.
But on the good side, seeing the data has helped improve problem resolutions times already.
Yes I am collecting data at this point
CapturenagiosLSvolume.PNG
Re: Log server not reporting logs from any server
Posted: Tue Jun 11, 2019 2:42 pm
by benjaminsmith
Hello
@newmember,
But on the good side, seeing the data has helped improve problem resolutions times already.
Yes I am collecting data at this point
Glad to hear your getting data from sources. As far as upgrading goes, I've posted links for both the online and offline upgrade instructions. Let us know if you have any questions.
Nagios Log Server Upgrade Instructions
Nagios Log Server - Offline Upgrade