Nagios Support Forum

Hi

We are trying a POC , where we are trying to replace IP's with Hostnames in Nagios Log Server.

We are pushing the Logs from AEM(Adobe Experience Manager -Enterprise CMS) to Nagios Log Server.

We tried configuring the dashboard in Nagios Log Server with Hostnames replacing IP's but the logs are not getting populated.

We are looking at the server logs of Nagios Log Server and we couldn't find the cause of the issue.

Can you please help us on getting the logs populated without any issues by replacing hostnames with IP's?

Thanks
Aneesh

Hi,

Welcome to the Nagiso Customer Support Forum!

Looking this over, I believe using the DNS filter would work for you, let me know.

This is pretty well documented in the following thread.

FQDN instead of IP

Take a look and let us know if you have more questions or need any assistance.

Regards,
Benjamin

Thanks for the response.
As per my understanding, DNS Filter is a configuration where we are mapping the IP to DNS or Hostname.
Let's say if we may change servers(for increasing disk space) in Dev Environment, Hostname is permanent for a particular environment and IP's may change and we need to manually update the IP's in configuration.
But we are looking for something where we configure Hostname which may not change if we move from one server to one server for a particular environment because Hostnames tend to be permanent but IP''s won't.
Can you please let us know if there is any configuration in Nagios Log Server where IP''s should not be used and instead Hostnames are Configured which doesn't affect normal functioning of Nagios Log Server.

Thanks
Aneesh

If the logs contain a hostname it can be extracted using a grok filter.

If the logs do not contain a hostname then I would recommend the DNS filter as was pointed out before. The DNS filter relies on the system's DNS to do forward and reverse lookups. If DNS is setup properly, it is really the best method to get the hostname.

If DNS isn't an option then I would probably look into setting up a translate filter - https://www.elastic.co/guide/en/logstas ... slate.html. This does not seem like something I would want to maintain for any more than a few hosts however.

Thanks for your response.

Can you please specify additional details on grok filter?

we would like to know more details like purpose of grok filter and how to configure /implement it.

so that we it would be helpful to analyze whether this approach is suitable for our POC.

Thanks
Aneesh

Parsing a log is covered in detail in this document:

https://assets.nagios.com/downloads/nag ... ilters.pdf