Centralized Log Monitoring for AlmaLinux 9 with Nagios Log Server 2024R2: A Complete Guide
AlmaLinux 9 is a community-driven, enterprise-grade Linux distribution designed for stability and performance. Monitoring system logs from AlmaLinux servers is critical for detecting issues, ensuring security, and maintaining compliance. Nagios Log Server 2024R2 offers a centralized platform to collect, search, and analyze log data across your infrastructure. This guide walks you through configuring AlmaLinux 9 to forward logs to Nagios Log Server using the built-in rsyslog service.
Prerequisites
Ensure you have the following:
- An AlmaLinux 9 server with root or sudo access
- A running Nagios Log Server 2024R2 instance
- Network connectivity between the AlmaLinux server and Log Server (default port 5544 open)
- SELinux disabled or properly configured for rsyslog
Step 1: Access Log Source Setup in Nagios Log Server
1. Log into your Nagios Log Server web interface.
2. Click the + Add Log Source button at the top.
3. Select Linux as the source type.
Step 2: Run the Auto-Configuration Script on AlmaLinux 9
1. Copy the setup script command shown in the Nagios interface. It looks similar to:
curl -sS -O http://<logserver-ip>/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s <logserver-ip> -p 5544- Replace
<logserver-ip>with the IP or DNS name of your Nagios Log Server.
2. Example Output:
curl -sS -O http://192.168.1.123/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s 192.168.0.31 -p 55443. Confirm the script output shows successful configuration:
- “Detected rsyslog…”
- “rsyslog configuration check passed.”
- “rsyslog is running with the new configuration.”
Step 3: Verify Logs Are Reaching Nagios Log Server
1. In the Nagios Log Server web UI, enter the AlmaLinux server’s IP under Verify Incoming Logs.
2. Alternatively, go to Dashboards > Nagios Log Server Search and run:
host.ip:<AlmaLinux-IP>3. To test log transmission, run:
logger This is a test log entry4. Verify the entry appears in the Nagios Log Server interface.
Optional: Manual rsyslog Configuration (Advanced)
If you prefer not to use the script, follow these steps:
1. Create a custom rsyslog config file:
sudo nano /etc/rsyslog.d/.conf2. Add the following content (replace IP and port as needed):
# ### begin forwarding rule ### NAGIOSLOGSERVER
$WorkDirectory /var/lib/rsyslog
$ActionQueueFileName fwdRule1
$ActionQueueMaxDiskSpace 1g
$ActionQueueSaveOnShutdown on
$ActionQueueType LinkedList
$ActionResumeRetryCount -1
*.* @@192.168.1.123:5544
# ### end of the forwarding rule ###3. Restart rsyslog:
sudo systemctl restart rsyslog4. Verify logs are received as in Step 3.
Step 4: Adding More Log Sources
Use the + Add Log Source button to configure:
- Windows event logs
- App logs
- Archived logs
Conclusion
You’ve successfully configured AlmaLinux 9 to send logs to Nagios Log Server 2024R2. Whether using the automatic script or manual configuration, this setup allows centralized logging, simplifying monitoring and analysis. For advanced use cases, explore custom filtering, alerting, and integrations in the Nagios Log Server interface.
Resource
Share:
On this page
Related Articles
- Monitoring Pop!_OS 24.04 LTS with NCPA in Nagios XI: A Comprehensive Guide
- Monitoring Clear Linux with SNMP in Nagios XI: A Step-by-Step Guide
- Monitoring NixOS with SNMP in Nagios XI: A Step-by-Step Guide
- How to Send Logs from Kali Linux to Nagios Log Server
- How to Configure SNMP on Kali Linux for Nagios XI
