- Find Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- How to display Nagios down times in Splunk dashboa...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to display Nagios down times in Splunk dashboard
We have alarming for our servers realized in Nagios.
When we deploy new software releases on the servers, we set a downtime in Nagios to avoid alarming during this time.
The Splunk dashboards (for example, count of events) are not aware of these downtimes. So the chart shows zero events for the deployment time without any explanation. So most likely the boss will ask what happened during this time...
Is there any idea how to make Splunk charts aware of Nagios downtimes?
Can we insert Splunk events from the Nagios server via CLI?
Thanks
Norbert
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Norbert 🙂
I developed an app for that 🙂 You can use Splunk For Nagios to search Nagios downtime events, alerts and notifications and trend problems over time. Over 40 field extractions are included, as well as 8 Saved Searches, and Advanced Dashboards featuring recent Warning and Critical Alerts, as well as Integration with MK Livestatus and the ability to Schedule Saved Searches in Splunk to send alerts to Nagios:
http://splunk-base.splunk.com/apps/22374/splunk-for-nagios
All the best,
Luke 🙂
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
thanks for your input, but this is not what I was looking for.
When the servers are in downtime, I have no events in Splunk, so nothing to filter.
I need to get the information from Nagios, that the server is in scheduled downtime and not down by technical problems.
So I would like to send an event from nagios to Splunk, stating that the downtime is starting or stopping. These events could then be displayed in the chart ...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
you can have your nagios events send to splunk
- as syslog event
- as snmptrap
- write it into a file
and then for sure you must setup splunk and your dashboard the way it can handle this nagios event.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi nhamel
there is an app http://splunk-base.splunk.com/apps/29098/host-filter which could help you filter out host if they are on a planed downtime.
cheers
Splunk Classroom Chronicles: Training Tales and Testimonials
Access Tokens Page - New & Improved
Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!
