Yes, I did get this set up although not via NRPE:
- Log OSSEC alerts for a certain level to Elasticsearch/Logstash and Kibana
- Nagios runs a query on Kibana for this alert level and displays the alerts in
a Nagios dashboard. (the alert stays there for 24 hours and is then auto
removed after 24
@Michiel did you ever get this set up? If so do you have any tips you can
share?
On Tuesday, February 18, 2014 at 2:30:34 AM UTC-8, Michiel van Es wrote:
I found something interesting
at http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html which
uses NRPE to swatch/grep the alerts.log logfile for specific alert levels
and display those in Nagios.
On Thursday, February 6, 2014 at 10:28:58 UTC+1, Chris H wrote:
could you do something with the syslog output? send the alerts you're
interested in to syslog on the nagios host and tail the logs from that?
Might allow you to be a bit more selective, too.
On Wednesday, February 5, 2014 1:53:38 PM UTC, Michiel van Es wrote:
To be more precise: this is the most valuable link I
found: http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html
I am still interested in other people's implementations.
On Wednesday, February 5, 2014 at 14:45:26 UTC+1, Michiel van Es wrote:
Yes, the first 3 hits are about mail scripts (Nagios Exchange) and 'swatch-like
scripts', but there is not a lot of specific setup information.
That is why I am asking here what people use nowadays and what their setup
looks like.
Michiel
On Wednesday, February 5, 2014 at 14:32:47 UTC+1, Darin Perusich wrote:
Have you asked Google?
--
Later,
Darin
On Wed, Feb 5, 2014 at 6:47 AM, Michiel van Es wrote:
Hello,
I was wondering if someone has already used OSSEC and Nagios to generate
alerts?
I have the following idea in my head: an alert of level 11+ will be seen by a
monitor/swatch script tailing the /var/ossec/logs/alerts/alerts.log logfile,
which generates an alert/trigger and sends it to Nagios.
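
The idea from the original question (read alerts.log, pick out alerts at level 11+ and report them to Nagios), written as a Nagios-style check. This is an added example, not code from the thread or from the linked blog post. It assumes OSSEC's default multi-line text alert layout; the function names, the 24-hour window default and the sample alerts (rule ids 100001/100002) are constructed for illustration.

```python
import re
import sys

OK, CRITICAL, UNKNOWN = 0, 2, 3  # standard Nagios plugin exit codes
HEADER = re.compile(r"^\*\* Alert (\d+)\.\d+:")            # epoch.offset
RULE = re.compile(r"^Rule: (\d+) \(level (\d+)\) -> '(.*)'$")

# Constructed sample in the alerts.log text layout (not real alert data).
SAMPLE = """\
** Alert 1391608400.1001: - syslog,sshd,
2014 Feb 05 13:53:20 web01->/var/log/secure
Rule: 100001 (level 5) -> 'Constructed low-severity sample alert.'

** Alert 1391608418.2002: mail  - local,
2014 Feb 05 13:53:38 web01->/var/log/secure
Rule: 100002 (level 12) -> 'Constructed high-severity sample alert.'
"""

def parse_alerts(lines):
    """Yield (epoch, rule_id, level, description) for each alert block."""
    epoch = None
    for line in lines:
        m = HEADER.match(line)
        if m:
            epoch = int(m.group(1))
        m = RULE.match(line.rstrip("\n"))
        if m and epoch is not None:
            yield epoch, int(m.group(1)), int(m.group(2)), m.group(3)
            epoch = None  # ignore stray Rule lines until the next header

def check(lines, min_level=11, now=None, max_age=86400):
    """Return (exit_code, status_line); now=None disables the age filter."""
    hits = [a for a in parse_alerts(lines)
            if a[2] >= min_level and (now is None or now - a[0] <= max_age)]
    if not hits:
        return OK, "OSSEC OK - no alerts at level >= %d" % min_level
    _, rule, level, desc = hits[-1]
    # '|' starts Nagios perfdata, so keep it out of the status text.
    return CRITICAL, "OSSEC CRITICAL - %d alert(s) at level >= %d, last: rule %d (level %d) %s" % (
        len(hits), min_level, rule, level, desc.replace("|", "/"))

if __name__ == "__main__":
    import time
    try:
        with open(sys.argv[1], errors="replace") as fh:  # path to alerts.log
            code, msg = check(fh, now=time.time())
    except (IndexError, OSError) as exc:
        code, msg = UNKNOWN, "OSSEC UNKNOWN - %r" % exc
    print(msg)
    sys.exit(code)
```

The account that runs the check needs read access to the alerts file, and the script reads the whole file on every run, so it suits a rotated alerts.log rather than an unbounded one.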