Configuring CentOS to send logs to Nagios Log Server

Now that Nagios Log Server is installed, it’s time to get some log files in there. I got myself all fired up ready to comb through page after page of documentation to figure out how to set it up… then those nice folks over at Nagios did this…

That’s right, if you click on Linux Source from the home screen, it gives you scripts to download and run to set it all up. They even pulled the IP address from the Nagios Log Server… it was like they wanted you to succeed in making this all work! It can’t be that easy, right? Let’s try!

That was easy, but there’s no way there are actually logs showing up in Nagios Log Server though, right? Almost: SELinux was preventing log files from being shipped, as you can see in the middle of the above screenshot. So…

cp /etc/selinux/config /etc/selinux/config.bak && sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config && shutdown -r now

And BOOM goes the log file goodness after a reboot!
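A narrower alternative to disabling SELinux for the whole host, as an added example (not from the original post or from Nagios): it reads AVC denials, finds the ports rsyslogd was refused a connection to, and prints the `semanage` command that labels only that port. It assumes the shipper is rsyslog running as `syslogd_t` and that the denial was a `name_connect` on the forwarding port; the audit lines and port 5544 below are constructed samples.

```shell
#!/bin/sh
# Added example: turn rsyslogd SELinux denials into a targeted port label
# instead of setting SELINUX=disabled.

# Constructed sample of /var/log/audit/audit.log (not taken from the post).
# Port 5544 is an assumed forwarding port.
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1500000000.101:310): avc:  denied  { name_connect } for  pid=1101 comm="rsyslogd" dest=5544 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1500000003.220:311): avc:  denied  { read } for  pid=2200 comm="httpd" name="index.html" dev="dm-0" ino=99 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1500000010.101:312): avc:  denied  { name_connect } for  pid=1101 comm="rsyslogd" dest=5544 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket
EOF
}

# Print "proto port" once per port that a syslogd_t process was denied
# name_connect to. Denials from other domains (httpd above) are ignored.
denied_syslog_ports() {
  awk '
    /avc: +denied/ && index($0, "{ name_connect }") && /scontext=[^ ]*:syslogd_t:/ {
      port = ""; proto = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^dest=[0-9]+$/)             port  = substr($i, 6)
        if ($i ~ /^tclass=(tcp|udp)_socket$/) proto = substr($i, 8, 3)
      }
      if (port != "" && proto != "" && !seen[proto " " port]++) print proto, port
    }'
}

# Emit (do not execute) the command that labels each denied port as
# syslogd_port_t, the port type syslogd_t is allowed to connect to.
suggest_fix() {
  denied_syslog_ports | while read -r proto port; do
    echo "semanage port -a -t syslogd_port_t -p $proto $port"
  done
}

# Demo on the constructed sample. On a real host, as root:
#   suggest_fix < /var/log/audit/audit.log
sample_audit_log | suggest_fix
```

After reviewing and running the printed command, restart rsyslog; SELinux stays enforcing and no reboot is needed.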

In probably less than 5 minutes, you can have a fully functional Nagios Log Server, based on ELK, deployed and receiving log files from a remote source - that is damn impressive. Of course in this example we haven’t looked at which logs we are sending - maybe you only want specific log files being sent from Apache or Ansible for instance, but that is a finer art form that we can save for another blog post. Happy logging!