Library

Beta

Products

Adding Additional Instances To Cluster Alerting On Log Events Analyzing Logs Authenticating and Importing Users with AD and LDAP Changing Data Store Path Configuring Filters Configuring Inputs Configuring Multi Tenancy in Nagios Log Server Configuring NXLog To Send Additional Log Files Creating a Log Server Dashboard Forwarding Logs from Nagios Log Server to Another Destination How To Configure NXLog To Send Multi line Logs To Nagios Log Server.How To Configure Windows To Send Logs To Nagios Log Server How To Create A Nagios Log Server Instance In The Amazon EC2 Cloud How To Export Or Schedule Reports In Nagios Log Server How To integrate Nagios Log Server with XI How to Backup and Restore the Nagios Log Server How to use a Proxy Server with Nagios Log Server Integrating Nagios Log Server with Nagios XI Log Server Dashboard Overview Managing Clusters Managing Indices Managing Snapshots and Maintenance Monitoring A New Log Source Monitoring Apache Logs with Nagios Log Server Monitoring Linux System Logs using Nagios Log Server Monitoring Squid Proxy Server With Nagios Log Server Nagios Log Server Adding Additional Instances To Cluster Nagios Log Server Administrator Guide Nagios Log Server Alerting On Log Events Nagios Log Server Analyzing Logs Nagios Log Server Architecture and Overview NWC15 Nagios Log Server Changing Data Store Path Nagios Log Server Cluster Timezone Settings Nagios Log Server Configuration Overview Nagios Log Server Configuring Input Filters Nagios Log Server Configuring Inputs Nagios Log Server Configuring NXLog To Send Additional Log Files Nagios Log Server Configuring NXLog To Send Multi Line Log Files Nagios Log Server Conversion for VirtualBox Nagios Log Server Custom Alert Message Email Template Nagios Log Server Data Backup and Archiving Nagios Log Server ELK documentation Nagios Log Server ESXi Syslog Config Nagios Log Server Exporting Log Data Nagios Log Server Full Architecture Overview Nagios Log Server How To Configure SSL Nagios Log Server How To Create A Nagios Log Server Instance In The Amazon EC2 Cloud Environment Nagios Log Server How To Install Using VMware Nagios Log Server How To Select A Download Nagios Log Server Important Files And Directories Nagios Log Server Introduction Webinar Nagios Log Server Jobs Subsystem Architecture Nagios Log Server License Entitlements Nagios Log Server Listening On Privileged Ports Nagios Log Server Log Monitoring and Log Management with Nagios NWC14 Nagios Log Server Logging In Nagios Log Server Managing Clusters Nagios Log Server Managing Indices Nagios Log Server Managing Instances Nagios Log Server Managing Snapshots and Maintenance Nagios Log Server Managing Users Nagios Log Server Monitor Your Log Server Instances Nagios Log Server Monitoring A New Log Source Nagios Log Server Offline Upgrade Nagios Log Server Overview And Terminology Nagios Log Server Performance And Storage Walkthrough Nagios Log Server Poller Subsystem Architecture Nagios Log Server Real Life Experience of Nagios Log Server NWC15 Nagios Log Server Removing An Instance From A Cluster Nagios Log Server Sending Multiline Log Files Using Syslog Nagios Log Server Sending NXLogs With SSL Nagios Log Server Sending Nagios Core Logs To Nagios Log Server Nagios Log Server Sending syslog with SSL/TLS Nagios Log Server Single Instance Deployment Nagios Log Server Updating Logstash Patterns Nagios Log Server Upgrade Instructions Nagios Log Server Using An Output To Create Nagios XI Passive Objects Nagios Log Server Using GeoIP Data Nagios Log Server Using The Custom Includes Page Removing An Instance From A Cluster Send Alerts Based on the Log Server Audit Log Sending ESXi Logs To Nagios Log Server Sending Mac OS X Logs To Nagios Log Server Sending NXLogs With SSL/TLS Sending Nagios Core Logs To Nagios Log Server Sending syslog With SSL/TLS Upgrade Nagios Log Server Using An Output To Create Nagios XI Passive Objects Waiting for Database Startup Nagios Log Server Monitoring Using NCPA + Nagios XI

Send Alerts Based on the Log Server Audit Log

Introduction

There may be situations where you want to create alerts based on the Log Server audit log. For example, you may want to send email alerts when a new Nagios Log Server user is created, modified and deleted.

Setup

Navigate to Configure > Global Config.
Click the **Add Input **button.
Enter a descriptive Block Name.

Enter the following code in the code field.

file {
    type => "nlsauditlog"
    path => "/usr/local/nagioslogserver/var/auditlog.log"
}

Click the Add Filter button.
Enter a descriptive Block name and add filter code that will gather the information you desire from the log. Example:

        if [type] == 'nlsauditlog' {
        grok{
                match => {
                  "message" => [
                    "%{TIMESTAMP_ISO8601:date} created=%{INT:created} created_by=%{WORD:created_by} type=%{WORD:audit_log_type} message=%{DATA:message} source=%{DATA:source} ip_address=%{IP:ip_address}",
                    "%{TIMESTAMP_ISO8601:date} created=%{INT:created} created_by=%{WORD:created_by} type=%{WORD:audit_log_type} message=%{DATA:message} node=%{UUID:node} source=%{GREEDYDATA:source}"
                  ]
                }
              overwrite => [ 'message' ]
        }
        }

Click Save & Apply.

Now, you can reference the documentation linked below to use the dashboards to create a query to use in the alert:

Analyzing-Logs-With-Nagios-Log-Server
Alerting-On-Log-Events-With-Nagios-Log-Server

On this page

Send Alerts Based on the Log Server Audit Log Introduction Setup

Nagios Enterprises, LLC

© All rights reserved. 2026