Re: [ossec-list] OSSEC and Nagios integration

2015-04-30 Thread Michiel van Es
Yes, I did get this set up although not via NRPE:
- Log OSSEC alerts for a certain level to Elasticsearch/Logstash and Kibana
- Nagios runs a query on Kibana for this alert level and displays the alerts in a Nagios dashboard. (the alert stays there for 24 hours and is then auto removed after 24

Re: [ossec-list] OSSEC and Nagios integration

2015-04-28 Thread rickc
@Michiel did you ever get this set up? If so, do you have any tips you can share?
On Tuesday, February 18, 2014 at 2:30:34 AM UTC-8, Michiel van Es wrote:
> > I found something interesting at
> > http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html which
> > uses NRPE to swatch/grep the

Re: [ossec-list] OSSEC and Nagios integration

2014-02-18 Thread Michiel van Es
I found something interesting at http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html which uses NRPE to swatch/grep the alerts.log logfile for specific alert levels and display those in Nagios.
On Thursday, 6 February 2014 10:28:58 UTC+1, Chris H wrote:
> > could you do something w

Re: [ossec-list] OSSEC and Nagios integration

2014-02-06 Thread Chris H
Could you do something with the syslog output? Send the alerts you're interested in to syslog on the Nagios host and tail the logs from that? Might allow you to be a bit more selective, too.
On Wednesday, February 5, 2014 1:53:38 PM UTC, Michiel van Es wrote:
> > To be more precise: this is th

Re: [ossec-list] OSSEC and Nagios integration

2014-02-05 Thread Michiel van Es
To be more precise: this is the most valuable link I found: http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html
I am still interested in other people's implementations.
On Wednesday, 5 February 2014 14:45:26 UTC+1, Michiel van Es wrote:
> > Yes, First 3 hits about mail scripts (nagios

Re: [ossec-list] OSSEC and Nagios integration

2014-02-05 Thread Michiel van Es
Yes, first 3 hits about mail scripts (Nagios Exchange) and 'swatch alike scripts' but not a lot of specific setup information. That is why I am asking here what people use nowadays and what their setup looks like.
Michiel
On Wednesday, 5 February 2014 14:32:47 UTC+1, Darin Perusich wrote:
> > Have y

Re: [ossec-list] OSSEC and Nagios integration

2014-02-05 Thread Darin Perusich
Have you asked Google?
--
Later,
Darin
On Wed, Feb 5, 2014 at 6:47 AM, Michiel van Es wrote:
> Hello,
>
> I was wondering if someone already used the OSSEC and Nagios to generate
> alerts ?
> I have the following idea in my head: alert of level 11+ will be seen by a
> monitor/swatch script taili

[ossec-list] OSSEC and Nagios integration

2014-02-05 Thread Michiel van Es
Hello,
I was wondering if someone has already used OSSEC and Nagios to generate alerts?
I have the following idea in my head: an alert of level 11+ will be seen by a monitor/swatch script tailing the /var/ossec/logs/alerts/alerts.log logfile, which generates an alert/trigger and sends it to Nagios.