Thx Badger. This is how I edited logstash-nagios.conf(see below) and logs. It still says skipping commandfile during start. Is that a must? what should I put in there? Also Nothing on nagios server side. I think we need to specify port as well after (hostname:port)
Is there any working example we have?
input {
file {
path => "/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log"
start_position => "beginning"
}
}
filter {
mutate {
_ add_field => {_
_ "nagios_host" => "abc.def.com"_
_ "nagios_service" => "LOGSTASH-POC-TEST"_
_ }_
_ }_
}
output {
if [message] =~ /(OK|error|ERROR|CRITICAL)/ {
nagios {
id => "Nagios_plugin_3462"
}
stdout { codec => rubydebug }
}
}
logs-
$ ../bin/logstash -f logstash-nagios.conf --path.data=/opt/app/23vbklg/apps/logstash/logstash-6.4.0/data2/
Sending Logstash logs to /opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs which is now configured via log4j2.properties
[2019-01-28T12:43:10,531][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.queue", :path=>"/opt/app/23vbklg/apps/logstash/logstash-6.4.0/data2/queue"}
[2019-01-28T12:43:10,548][INFO ][logstash.setting.writabledirectory] Creating directory {:setting=>"path.dead_letter_queue", :path=>"/opt/app/23vbklg/apps/logstash/logstash-6.4.0/data2/dead_letter_queue"}
[2019-01-28T12:43:10,961][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2019-01-28T12:43:11,027][INFO ][logstash.agent ] No persistent UUID file found. Generating new UUID {:uuid=>"e8058432-cb1b-4049-9d3b-b916f718f70e", :path=>"/opt/app/23vbklg/apps/logstash/logstash-6.4.0/data2/uuid"}
[2019-01-28T12:43:11,850][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"6.4.0"}
[2019-01-28T12:43:20,027][INFO ][logstash.pipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>64, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50}
[2019-01-28T12:43:20,626][INFO ][logstash.inputs.file ] No sincedb_path set, generating one based on the "path" setting {:sincedb_path=>"/opt/app/23vbklg/apps/logstash/logstash-6.4.0/data2/plugins/inputs/file/.sincedb_4e7f4d08e52b6c8ec9d2d9593924baef", :path=>["/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log"]}
[2019-01-28T12:43:20,684][INFO ][logstash.pipeline ] Pipeline started successfully {:pipeline_id=>"main", :thread=>"#<Thread:0x7f348796 run>"}
[2019-01-28T12:43:20,769][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>}
[2019-01-28T12:43:20,789][INFO ][filewatch.observingtail ] START, creating Discoverer, Watch with file and sincedb collections
[2019-01-28T12:43:21,627][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9601}
[2019-01-28T12:43:22,404][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x15cf5710}
[2019-01-28T12:43:22,407][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x64945712}
[2019-01-28T12:43:22,413][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x4f42583a}
[2019-01-28T12:43:22,415][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x1c0cd50}
[2019-01-28T12:43:22,416][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x54e83f7b}
[2019-01-28T12:43:22,417][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0xe8020cb}
[2019-01-28T12:43:22,417][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x75cd72a}
[2019-01-28T12:43:22,420][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x75e590b2}
[2019-01-28T12:43:22,421][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x3889f8f9}
[2019-01-28T12:43:22,422][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0xb8a9643}
[2019-01-28T12:43:22,423][WARN ][logstash.outputs.nagios ] Skipping nagios output; command file is missing {:commandfile=>"/var/lib/nagios3/rw/nagios.cmd", :missed_event=>#LogStash::Event:0x4eac5b40}
{
"@timestamp" => 2019-01-28T20:43:22.126Z,
"message" => "[2019-01-28T12:20:13,497][ERROR][org.logstash.Logstash ] java.lang.IllegalStateException: Logstash stopped processing because of an error: (SystemExit) exit",
"path" => "/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log",
"nagios_service" => "LOGSTASH-POC-TEST",
"@version" => "1",
"host" => "ostst143",
"nagios_host" => "abc.def.com"
}
{
"@timestamp" => 2019-01-28T20:43:22.120Z,
"message" => "[2019-01-28T12:13:22,445][ERROR][logstash.outputs.nagios ] Unknown setting 'nagios_host' for nagios",
"path" => "/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log",
"nagios_service" => "LOGSTASH-POC-TEST",
"@version" => "1",
"host" => "ostst143",
"nagios_host" => "abc.def.com"
}
{
"@timestamp" => 2019-01-28T20:43:22.122Z,
"message" => "if [message] =~ /(OK|error|ERROR|CRITICAL)/ {",
"path" => "/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log",
"nagios_service" => "LOGSTASH-POC-TEST",
"@version" => "1",
"host" => "ostst143",
"nagios_host" => "abc.def.com"
}
{
"@timestamp" => 2019-01-28T20:43:22.119Z,
"message" => "[2019-01-28T12:09:23,841][ERROR][logstash.outputs.nagios ] Unknown setting 'nagios_host' for nagios",
"path" => "/opt/app/23vbklg/apps/logstash/logstash-6.4.0/logs/logstash-plain.log",
"nagios_service" => "LOGSTASH-POC-TEST",
"@version" => "1",
"host" => "ostst143",
"nagios_host" => "abc.def.com"
}strong text