All Apps and Add-ons
Highlighted

will the Splunk for Nagios app support a distributed Nagios deployment in the future?

Explorer

Question: We are planning a distributed Nagios deployment, with a Nagios server in each of our Datacenters forwarding nagios logs off to the local splunk Indexer in the data center. Will this App support a distributed Nagios deployment in the future? From what I gather, MOST things will function normally with the exceptions of the contents of splunk-nagios.sh and the MK Livestatus Integration scripts.

Tags (1)
0 Karma
Highlighted

Re: will the Splunk for Nagios app support a distributed Nagios deployment in the future?

Contributor

Hi Terry 🙂 You are correct in that all of the dashboards and reports will work for multiple nagios instances except for the splunk-nagios.sh script (for splunk to nagios alerts) and the Livestatus dashboards. I am actively working on updating the existing python scripts to support multiple MK Livestatus instances. You could clone the splunk-nagios.sh script and configure one for each nagios instance, if required. I will post a new version of the app soon 🙂

View solution in original post

0 Karma
Highlighted

Re: will the Splunk for Nagios app support a distributed Nagios deployment in the future?

Contributor

Hi Terry 🙂

I have just released Splunk for Nagios version 3 and all of the external lookup scripts for MK Livestatus have been updated with support for multiple MK Livestatus servers 🙂

A number of field extractions have been updated, as well as additional macros and a new event type.

I have also added several very powerful dashboards:

Livestatus Network Health

Livestatus Service Alerts

Livestatus Host SLA

Livestatus Service SLA

Livestatus Host Groups

Livestatus Service Groups

Livestatus Service Acknowledgement

Livestatus Host and Service Downtime

Host Availability

Top 100 Alerts

All the best,

Luke 🙂

0 Karma