How to Monitor openSUSE 15 Logs with Nagios Log Server 2024R2


Monitoring logs from openSUSE 15 with Nagios Log Server 2024R2 provides crucial visibility into system events, security incidents, and performance anomalies. This guide explains how to configure openSUSE to forward logs to Nagios Log Server and verify their integration with Nagios XI.
Step 1: Add a Log Source in Nagios Log Server
- Log in to Nagios Log Server.
- Click + Add Log Source.
- Select Linux as the source type.
Step 2: Run the Auto-Configuration Script on openSUSE
- Copy the script command from the Linux Source Setup page.
- On the openSUSE server, run:
curl -sS -O http://<NagiosLogServerIP>/nagioslogserver/scripts/setup-linux.sh
sudo bash setup-linux.sh -s <NagiosLogServerIP> -p 5544
This sets up rsyslog to forward logs to the Log Server.
Step 3: Verify Logs are Received
- Return to the setup page in Nagios Log Server.
- Enter the openSUSE server’s IP in the Verify Incoming Logs section.
- Or run a host query from Dashboards > Search:
host.ip:<openSUSE-IP>
- To test manually, run:
logger "This is a test log entry"
Step 4: (Optional) Manual Configuration
1. Check the rsyslog work directory:
ls -d /var/lib/rsyslog || ls -d /var/spool/rsyslog
2. Manually create or edit the forwarding config:
sudo vi /etc/rsyslog.d/99-nagioslogserver.conf
Add the following line:
*.* @<NagiosLogServerIP>:5544;RSYSLOG_SyslogProtocol23Format
3. Restart rsyslog:
sudo systemctl restart rsyslog.service
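In rsyslog's legacy syntax a single @ before the host forwards over UDP and @@ forwards over TCP, so the line above sends logs over UDP. The following check is an added example, not part of the Nagios setup script: the function name forward_transport and the address 192.0.2.10 are assumptions made for illustration. It reports which transport an active forwarding rule uses, so the firewall rule and the Log Server input can be matched to it.

```shell
#!/bin/sh
# Added example (not from the Nagios setup script).
# forward_transport FILE HOST PORT
#   prints "udp" for an active "@HOST:PORT" rule, "tcp" for "@@HOST:PORT"
#   returns 1 when no uncommented rule forwards to HOST:PORT
forward_transport() {
    awk -v host="$2" -v port="$3" '
        /^[ \t]*#/ { next }              # ignore commented-out rules
        NF < 2     { next }              # a rule needs "selector action"
        {
            action = $2
            sub(/;.*/, "", action)       # drop the ";TemplateName" suffix
            if (action == ("@@" host ":" port)) { print "tcp"; found = 1; exit }
            if (action == ("@"  host ":" port)) { print "udp"; found = 1; exit }
        }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# Constructed sample mirroring the forwarding line from this step.
# 192.0.2.10 is a documentation address standing in for <NagiosLogServerIP>.
sample=$(mktemp)
printf '%s\n' \
    '# forward everything to Nagios Log Server' \
    '*.* @192.0.2.10:5544;RSYSLOG_SyslogProtocol23Format' > "$sample"

if transport=$(forward_transport "$sample" 192.0.2.10 5544); then
    echo "forwarding to 192.0.2.10:5544 over $transport"
else
    echo "no active forwarding rule for 192.0.2.10:5544"
fi
rm -f "$sample"
```

On a real host, point the function at /etc/rsyslog.d/99-nagioslogserver.conf; running rsyslogd -N1 before the restart additionally checks the configuration for syntax errors.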
Step 5: Link to Nagios XI
- Utilize queries and alert conditions in Nagios Log Server to trigger alerts in Nagios XI via API or event handlers.
- Integrate log monitoring with service checks for a comprehensive system overview.
Final Notes
- Logs are forwarded over port 5544; ensure openSUSE’s firewall allows outbound traffic on this port.
- The + Add Log Source feature in Nagios Log Server allows you to add additional log sources as needed.
- Regularly review logs in Nagios Log Server to detect system anomalies and security threats.
Conclusion
By following this guide, you can successfully monitor and analyze openSUSE 15 logs with Nagios Log Server 2024R2 in Nagios XI. This setup ensures proactive issue detection and enhances overall system observability. For best results, maintain regular log audits and optimize alert configurations to capture critical events.