Nagios Log Server Export
See GitHub
2016-12-08
- Nagios Log Server
Please visit the GitHub repository for usage instructions. If you encounter a problem with this plugin or have questions, please use GitHub.
If this application is run on the NLS machine itself, no changes are needed: just use localhost or 127.0.0.1 for the -host argument. If it is run from a remote machine, however, the Elasticsearch API must be front-facing. BE AWARE THAT MAKING YOUR ELASTICSEARCH API FRONT-FACING CAN BE DANGEROUS.
The easiest way to do this:
1) Edit /usr/local/nagioslogserver/elasticsearch/config/elasticsearch.yml
2) Change the http.host setting from localhost to 0.0.0.0 and save the changes
3) Run: service elasticsearch restart
4) Give Elasticsearch time to start up
Be sure to revert these changes once you are done exporting your data. If you do not change your http.host setting back to localhost afterwards, your Nagios Log Server machine may become unstable.
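To confirm the revert after an export, the following added example (not part of the plugin or its GitHub repository) reads elasticsearch.yml and reports whether http.host is bound to loopback only. The function names and the `--check` switch are hypothetical; treating Elasticsearch's `_local_` value as loopback is an assumption added here.

```shell
#!/bin/sh
# Added example: verify that http.host was reverted to a loopback address.
# Default path is the one given on this page.
ES_YML_DEFAULT=/usr/local/nagioslogserver/elasticsearch/config/elasticsearch.yml

# Print the effective http.host value: the last uncommented occurrence,
# with trailing comments, trailing whitespace and surrounding quotes removed.
es_http_host() {
    sed -n 's/^[[:space:]]*http\.host[[:space:]]*:[[:space:]]*//p' "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/" |
        tail -n 1
}

# Print "loopback", "exposed", "unset" or "unreadable".
# Exit status is 0 only when the API is bound to loopback.
es_http_exposure() {
    [ -r "$1" ] || { echo unreadable; return 3; }
    host=$(es_http_host "$1")
    case "$host" in
        localhost|127.*|::1|_local_) echo loopback; return 0 ;;
        "") echo unset; return 2 ;;
        *) echo exposed; return 1 ;;
    esac
}

# Optional stand-alone use: sh script.sh --check [path-to-elasticsearch.yml]
if [ "${1:-}" = "--check" ]; then
    es_http_exposure "${2:-$ES_YML_DEFAULT}"
    exit $?
fi
```

A result of `exposed` after the export is finished means the 0.0.0.0 setting is still in place and Elasticsearch still needs the revert and a restart.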
Reviews (1)
by itheodoridis, September 21, 2017
Hello Matt!
Excellent work, I need your help with one thing, after looking for additional documentation for your tool anywhere but not finding any.
We are trying to narrow down our exported logs by time as well as day, plus we wanted to exclude some sources. So we created a filter for it in the Elastic Search Dashboard in NLS.
With your tool using a command like this
java -jar nlsexport.jar -host=localhost -date_start=2017.09.19 -date_end=2017.09.19 -output_path=/root/logs/ -output_format=csv
gives us everything for that day. If we wanted to use the query parameter that is included in your tool, how would we go about it?
Let's say for example that our filter has the following conditions
1) querystring mustNot
query : 127.0.0.1
2) querystring must
query : host = 10.132.1.5
3) time must
field : @timestamp
from : 2017-09-19T04:39:43.682Z
to : 2017-09-19T04:50:51.144Z
What would that look like in the above command line string?
The one included in the example
-query='{"query":{"query_string":{"query":"my query string"}}}'
is not very helpful I am afraid, I can't figure out what to replace with what, especially for the time.
Any help would be appreciated.
Thanks!