nagios_nsca

Milestone: 1

The nagios_nsca output is used for sending passive check results to Nagios through the NSCA protocol.

This is useful if your Nagios server is not the same as the source host from where you want to send logs or alerts. If you only have one server, this output is probably overkill # for you, take a look at the ‘nagios’ output instead.

Here is a sample config using the nagios_nsca output: output { nagios_nsca { # specify the hostname or ip of your nagios server host => “nagios.example.com”

    # specify the port to connect to
    port => 5667
  }
}

Synopsis

This is what it might look like in your config file:
output {
  nagios_nsca {
    codec => ... # codec (optional), default: "plain"
    host => ... # string (optional), default: "localhost"
    message_format => ... # string (optional), default: "%{@timestamp} %{host}: %{message}"
    nagios_host => ... # string (optional), default: "%{host}"
    nagios_service => ... # string (optional), default: "LOGSTASH"
    nagios_status => ... # string (required)
    port => ... # number (optional), default: 5667
    send_nsca_bin => ... # a valid filesystem path (optional), default: "/usr/sbin/send_nsca"
    send_nsca_config => ... # a valid filesystem path (optional)
    workers => ... # number (optional), default: 1
  }
}

Details

codec

  • Value type is codec
  • Default value is "plain"

The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output, without needing a separate filter in your Logstash pipeline.

exclude_tags DEPRECATED

  • DEPRECATED WARNING: This config item is deprecated. It may be removed in a further version.
  • Value type is array
  • Default value is []

Only handle events without any of these tags. Note this check is additional to type and tags.

host

  • Value type is string
  • Default value is "localhost"

The nagios host or IP to send logs to. It should have a NSCA daemon running.

message_format

  • Value type is string
  • Default value is "%{@timestamp} %{host}: %{message}"

The format to use when writing events to nagios. This value supports any string and can include %{name} and other dynamic strings.

nagios_host

  • Value type is string
  • Default value is "%{host}"

The nagios ‘host’ you want to submit a passive check result to. This parameter accepts interpolation, e.g. you can use @source_host or other logstash internal variables.

nagios_service

  • Value type is string
  • Default value is "LOGSTASH"

The nagios ‘service’ you want to submit a passive check result to. This parameter accepts interpolation, e.g. you can use @source_host or other logstash internal variables.

nagios_status (required setting)

  • Value type is string
  • There is no default value for this setting.

The status to send to nagios. Should be 0 = OK, 1 = WARNING, 2 = CRITICAL, 3 = UNKNOWN

port

  • Value type is number
  • Default value is 5667

The port where the NSCA daemon on the nagios host listens.

send_nsca_bin

  • Value type is path
  • Default value is "/usr/sbin/send_nsca"

The path to the ‘send_nsca’ binary on the local host.

send_nsca_config

  • Value type is path
  • There is no default value for this setting.

The path to the send_nsca config file on the local host. Leave blank if you don’t want to provide a config file.

tags DEPRECATED

  • DEPRECATED WARNING: This config item is deprecated. It may be removed in a further version.
  • Value type is array
  • Default value is []

Only handle events with all of these tags. Note that if you specify a type, the event must also match that type. Optional.

type DEPRECATED

  • DEPRECATED WARNING: This config item is deprecated. It may be removed in a further version.
  • Value type is string
  • Default value is ""

The type to act on. If a type is given, then this output will only act on messages with the same type. See any input plugin’s “type” attribute for more. Optional.

workers

  • Value type is number
  • Default value is 1

The number of workers to use for this output. Note that this setting may not be useful for all outputs.


This is documentation from lib/logstash/outputs/nagios_nsca.rb