search

Icinga / icingaweb2-module-elasticsearch

This module will not be updated by Icinga anymore. Please don't attempt to use it.
GNU General Public License v2.0
29 stars 9 forks source link

Need to get the message/log details in Iciniga check #53

Open sabil05 opened 2 years ago

sabil05 commented 2 years ago

Hello Team,

Thank you so much for creating a wonderful documentation on Icinga integration with ELK. By referring the document I am able to integrate Icinga with ELK.

I am using iclingacli-elasticsearch check_command to see the events in Icinga.

I have couple of questions on this integration. Would be really helpful if you can assist/help in this regards.

Following is the configuration i have defined in service.conf file and I am looking for the events which has 404 HTTP status code in message section of logs. I just wanted to is there a way to get entire log message as well as apply filters on it. 

apply Service "icingacli-elasticsearch" {
  import "generic-service"
  check_command = "icingacli-elasticsearch"
  vars.icingacli_elasticsearch_instance = "Elasticsearch"
  vars.icingacli_elasticsearch_critical = 1
  vars.icingacli_elasticsearch_warning = 1
  vars.icingacli_elasticsearch_index = "filebeat-*"
  vars.icingacli_elasticsearch_filter = "message=404"
  vars.icingacli_elasticsearch_from = "-5m"
  display_name = "HTTP status and code"
  assign where host.vars.instance_type == "elkhost"
  notes = "Messages contains GET and 200 HTTP status code"
}

Kindly assist me to getting event details in the icinga to have more information about the events.

Thank you so much in advance! Sabil.

Your Environment

sabil05 commented 2 years ago

Hello Team,

I also wanted to is there a possibility to do customization with icingacli command. As I have to get the more information using single check.

Kindly suggest.

Thanks.