Nagios, syslog, splunk

Rob Blake rob.blake at gmail.com
Wed Mar 14 10:25:02 CET 2007


On 3/14/07, Matthew Joyce <MJoyce at ccia.unsw.edu.au> wrote:
>
>
> I've been playing with Splunk of late, can anyone tell me how I might
> forward Nagios event logs to a remote splunk server ?
>
> Is there a way to configure Nagios to send to two syslog servers, one
> remote ?
>
> Thanks
>
> *Matthew Joyce*
> 02 9382 0051***** |* IT Manager***** |* Children's Cancer Institute
> Australia for Medical Research
>
>

I guess you could use something like the global_event_handler option. Simply
provide a small script that copies across the files you need to your remote
splunk server and then set the global_event_handler to be enabled. This
would copy it across every time an event occurred, so you may need to put
some logic into your script that only copied after a certain duration to
avoid too many connections to your remote host.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20070314/7cd7a6cc/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null


More information about the Users mailing list