filebeat.prospectors:
- input_type: log
  paths:
    - /var/log/backup.log
output.logstash:
  hosts: ["localhost:5044"]

# /etc/logstash/conf.d/logstash.conf
input {
  <..some inputs here (see https://www.elastic.co/guide/en/logstash/current/input-plugins.html)..>
}
filter {
  <..some filters here (see https://www.elastic.co/guide/en/logstash/current/filter-plugins.html)..>
}
output {
  <..some outputs here (see https://www.elastic.co/guide/en/logstash/current/output-plugins.html)..>
}

What are logstash plugins?
Why a logstash icinga output plugin?
Where to find the plugin?
https://github.com/Icinga/logstash-output-icinga/
Actions the plugin can take:

Action                    Description
process-check-result      Process a check result
send-custom-notification  Send a custom notification
add-comment               Add a comment from an author.
remove-comment            Remove all comments created by a certain author.
schedule-downtime         Schedule a downtime for a host or service.
remove-downtime           Remove all downtimes created by a certain author.

# clone the repo
git clone https://github.com/icinga/logstash-output-icinga.git
cd logstash-output-icinga/

# build the gem
[root@icinga2-elastic logstash-output-icinga]# gem build logstash-output-icinga.gemspec
WARNING: no description specified
Successfully built RubyGem
  Name: logstash-output-icinga
  Version: 1.0.0
  File: logstash-output-icinga-1.0.0.gem

# install the plugin
[root@icinga2-elastic bin]# ./logstash-plugin install --local ~/logstash-output-icinga/logstash-output-icinga-1.0.0.gem
Validating /root/logstash-output-icinga/logstash-output-icinga-1.0.0.gem
Installing logstash-output-icinga
Installation successful

object Host "my-server1" {
  address = "10.0.0.1"
  check_command = "hostalive"
}

object Service "ping4" {
  host_name = "my-server1"
  check_command = "ping4"
}

object Service "http" {
  host_name = "my-server1"
  check_command = "http"
}

object ApiUser "icinga" {
  password = "icinga"
  client_cn = NodeName
  permissions = [ "*" ]
}

apply Service "backup" {
  import "generic-service"
  check_command = "dummy"
  assign where host.address
}

input {
  beats {
    port => 5044
    type => "logs"
  }
}

filter {
  if [syslog_severity] == "error" {
    mutate {
      replace => { "exit_status" => "2" }
    }
  }
}

filter {
  if [source] == "/var/log/mypreciouslog.json" {
    json {
      source => "message"
    }
  }
}

output {
  icinga {
    host => 'localhost'
    user => 'icinga'
    password => 'icinga'
    ssl_verify => false
    action => 'process-check-result'
    action_config => {
      exit_status => "%{exit_status}"
      plugin_output => "%{message}"
    }
    icinga_host => "%{hostname}"
    icinga_service => "backup"
  }
  elasticsearch {
    hosts => [ "localhost:9200" ]
  }
  stdout {
  }
}

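A hardened variant of the output stage above, as an added example that is not from the original slides or the plugin project: it keeps TLS verification on, takes the API password from the Logstash keystore or environment, and only calls Icinga when the fields referenced by `%{...}` exist on the event. The `ICINGA_API_PASSWORD` name and the CA path are assumptions, and the `ca_file` option should be confirmed against the README of the installed plugin version.

```logstash
# /etc/logstash/conf.d/logstash.conf (output section only; added example)
output {
  # Only call the Icinga API when every field referenced below exists.
  # Logstash leaves an unresolved %{field} reference in place as literal text,
  # so an event without exit_status would otherwise submit "%{exit_status}".
  if [exit_status] and [hostname] {
    icinga {
      host => 'localhost'
      user => 'icinga'
      # Resolved from the Logstash keystore or the environment at startup,
      # so the secret is not stored in the pipeline file.
      # The variable name is an assumption.
      password => "${ICINGA_API_PASSWORD}"
      # Verify the API certificate against the Icinga CA.
      # Assumed path: a copy of the Icinga CA certificate readable by Logstash.
      ssl_verify => true
      ca_file => '/etc/logstash/icinga-ca.crt'
      action => 'process-check-result'
      action_config => {
        exit_status => "%{exit_status}"
        plugin_output => "%{message}"
      }
      icinga_host => "%{hostname}"
      icinga_service => "backup"
    }
  }
  elasticsearch {
    hosts => [ "localhost:9200" ]
  }
  stdout {
  }
}

# On the Icinga side, this pipeline needs no more than one permission on the
# ApiUser, instead of "*":
#   permissions = [ "actions/process-check-result" ]
```
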
Log monitoring with Logstash and Icinga