Moogsoft Docs

Nagios Server Configuration

Introduction

The Nagios® LAM enables Moogsoft AIOps to ingest event data from Nagios. The following information explains the configuration required to ingest Nagios data to AIOps. For more information about Nagios, go to nagios.org .

Requirements

Enabling Nagios to send event data to AIOps requires full access to the Nagios application folder and files to set or modify configuration settings. The default installation location for Nagios is /usr/local/nagios

Curl

The system on which Nagios is running requires the latest version of Curl to be installed and available. Curl sends event data from Nagios to the AIOps Nagios LAM.

Capabilities

The performance of AIOps depends on the number of events received per second and the specifications of the AIOps system on which the Nagios LAM is running.

Moogsoft AIOps configuration

T o run the Nagios LAM, the following AIOps files are required and are installed by default:

File
Description
$MOOGSOFT/config/nagios_lam.conf Nagios LAM configuration file
$MOOGSOFT/bots/lambots/NagiosLam.js LAMBot file; processes the event data received from Nagios. This file does not require any configuration
$MOOGSOFT_HOME/bots/moobots/AlertBuilder.js Standard AlertBuilder Moobot file. This file does not require any specific configuration for the Nagios LAM

Nagios LAM configuration

In the Nagios LAM configuration file nagios_lam.conf, the following fields are mandatory:

File

Description

nagios_lam

port

The port number where the Nagios LAM will be receiving data from Nagios

nagios_lam

address

If AIOps is running on premise the default address is : 0.0.0.0
If AIOps is running on e.g. Amazon web services, it may be similar to ew2.234.234.compute.amazonaws.com
nagios_lam authenitication_type

When set to basic , events sent from Nagios will be sent using basic authentication and use the graze credentials for authentication. If set to none (default) or configuration is not specified, then basic authentication will not occur

Start the Nagios LAM to begin listening and receiving data from Nagios on the defined socket.

Start
Check status
Stop
service nagioslamd start
service nagioslamd status
service nagioslamd stop

Nagios configuration

To obtain Nagios event and service related information, the Nagios Global Event Handler (GEH) is used. Event handlers are system commands (scripts or executables) that are run whenever a host or service state change occurs. The GEH has two event handler types – Service Event Handlers and Host Event Handlers.

The following steps enable the GEH and configure the Service and Host Event Handlers to send data to a defined socket on which the Nagios LAM is listening.

  1. File transfer.

    Copy these files
    From
    To
    Set to executable
    send-host-event.sh
    send-service-event.sh
    $MOOGSOFT_HOME/etc/integrations/integration/documentation/files/
    /usr/local/nagios/libexec
    chmod +x send-host-event.sh
    chmod +x send-service-event.sh
  2. Script Configuration.

    Section
    Edit
    Description

    Hostname

    HOSTNAME="<hostname/ipaddress:9000>"

    AIOps hostname or the AIOps IP address and port number to which Nagios sends events

    Basic Authentication

    BASIC_AUTH=<false/true>

    Set this to ‘true’ to enable Basic Authentication when sending events to the AIOps Nagios LAM. By default, set to ‘false’

    Basic Authentication Username

    BASIC_AUTH_USER="<auth_username>"

    The Basic Authentication username, which should be set to ‘ graze ’ for the Nagios LAM

    Basic Authentication Password

    BASIC_AUTH_PASS="<auth_password>"

    The Basic Authentication password, which should be set to the password associated with the graze user

    Save the changes to each file.

    1. Nagios configuration.

      Open File (Server side configuration)
      Task

      /usr/local/nagios/etc/commands.cfg

      Use the below path to open the file:

      $MOOGSOFT_HOME/etc/integrations/integration/documentation/files/commands.cfg

      After openings the file, paste both the command's section of send-service-event.sh and send-host-event.sh at the server side.

      /usr/local/nagios/etc/contacts.cfg

      Use the below path to open contact file:

      $MOOGSOFT_HOME/etc/integrations/integration/documentation/files/contacts.cfg

      To add contacts, paste the Contact section at the server side.


      /usr/local/nagios/etc/contactgroups.cfg

      Use the below path to open contact group file:

      $MOOGSOFT_HOME/etc/integrations/integration/documentation/files/contacts.cfg

      To add contact group, paste the Contact group section at the server side.

      Save and close the file.


  3. Enable Global Event Handler.

    File
    Enable event handlers option
    Set the global event handler
    Ensure the following lines are not commented out
    /usr/local/nagios/etc/nagios.cfg
    enable_event_handlers=1
    global_host_event_handler=send-host-event
    cfg_file=/usr/local/nagios/etc/commands.cfg
    global_service_event_handler=send-service-event
    cfg_file=/usr/local/nagios/etc/contacts.cfg

    Save and close the file.

  4. Install Curl and restart Nagios.

    Component
    Command
    Install Curl
    yum install curl
    yum install net-snmp-utils
    Restart Nagios
    service nagios restart

    Nagios now begins sending Host and Service related events to AIOps.

Default field mapping

The following tables show the default Nagios field mappings to AIOps fields for both Host and Service Nagios events.
These mappings are defined in the Nagios LAMbot file:

Nagios Host Event > AIOps Field Mappings

Nagios Field Name

AIOps Field Name

HOSTNAME

source & signature

HOSTALIAS

external_id

HOSTSTATETYPE

class & severity

HOSTGROUPNAMES manager
HOSTOUTPUT description
HOSTSTATEID severity
HOSTADDRESS custom_info.host_Address
LASTHOSTSTATEID custom_info.host_LastStateID
LASTHOSTUNREACHABLE custom_info.host_LastUnreachable
LASTHOSTCHECK custom_info.host_LastCheck
LASTHOSTUP custom_info.host_LastUP
HOSTATTEMPT custom_info.host_Attempt
MAXHOSTATTEMPTS custom_info.host_MaxAttempts
HOSTEVENTID source_id & custom_info.host_EventID
LASTHOSTEVENTID custom_info.host_LastEventID
HOSTPROBLEMID custom_info.host_ProblemID
LASTHOSTPROBLEMID custom_info.host_LastProblemID

HOSTLATENCY

custom_info.host_Latency

HOSTEXECUTIONTIME

custom_info.host_ExecutionTime

HOSTDURATIONSEC

custom_info.host_DurationSec

HOSTDOWNTIME

custom_info.host_Downtime

HOSTPERCENTCHANGE

custom_info.host_PercentageChange

LONGHOSTOUTPUT

custom_info.host_LongOutput

HOSTPERFDATA

custom_info.host_PerformanceData

HOSTCHECKCOMMAND

signature & custom_info.host_CheckCommand

HOSTACTIONURL

custom_info.host_ActionURL

HOSTNOTESURL

custom_info.host_NotesURL

HOSTNOTES

custom_info.host_Notes

TOTALHOSTSERVICES

custom_info.host_TotalServices

TOTALHOSTSERVICESOK

custom_info.host_TotalServicesOK

TOTALHOSTSERVICESUNKNOWN

custom_info.host_TotalServicesUnknown

TOTALHOSTSERVICESCRITICAL

custom_info.host_TotalServicesCritical

AIOps > Nagios Host Event Fields

AIOps Field Name

Nagios Field Name

source

HOSTNAME

source_id

HOSTEVENTID

external_id

HOSTALIAS

class

HOSTSTATETYPE

manager

HOSTGROUPNAMES

description

HOSTOUTPUT

signature

HOSTNAME::HOSTCHECKCOMMAND

agent

Nagios

agent_time

<epoch-time-at-reception>

agent_location

Nagios Global Event Handler

type

Nagios Host Event

severity

HOSTSTATEID & HOSTSTATETYPE

custom_info.host_Address

HOSTADDRESS

custom_info.host_LastStateID

LASTHOSTSTATEID

custom_info.host_LastUnreachable

LASTHOSTUNREACHABLE

custom_info.host_LastCheck

LASTHOSTCHECK

custom_info.host_LastUP

LASTHOSTUP

custom_info.host_Attempt

HOSTATTEMPT

custom_info.host_MaxAttempts

MAXHOSTATTEMPTS

custom_info.host_EventID

HOSTEVENTID

custom_info.host_LastEventID

LASTHOSTEVENTID

custom_info.host_ProblemID

HOSTPROBLEMID

custom_info.host_LastProblemID

LASTHOSTPROBLEMID

custom_info.host_Latency

HOSTLATENCY

custom_info.host_ExecutionTime

HOSTEXECUTIONTIME

custom_info.host_DurationSec

HOSTDURATIONSEC

custom_info.host_Downtime

HOSTDOWNTIME

custom_info.host_PercentageChange

HOSTPERCENTCHANGE

custom_info.host_LongOutput

LONGHOSTOUTPUT

custom_info.host_PerformanceData

HOSTPERFDATA

custom_info.host_CheckCommand

HOSTCHECKCOMMAND

custom_info.host_ActionURL

HOSTACTIONURL

custom_info.host_NotesURL

HOSTNOTESURL

custom_info.host_Notes

HOSTNOTES

custom_info.host_TotalServices

TOTALHOSTSERVICES

custom_info.host_TotalServicesOK

TOTALHOSTSERVICESOK

custom_info.host_TotalServicesUnknown

TOTALHOSTSERVICESUNKNOWN

custom_info.host_TotalServicesCritical

TOTALHOSTSERVICESCRITICAL

AIOps > Nagios Service Event Fields

AIOps Field Name

Nagios Field Name

source

HOSTNAME

source_id

SERVICEEVENTID

external_id

HOSTALIAS

manager

SERVICEGROUPNAME

description

SERVICEOUTPUT

class

SERVICESTATETYPE

signature

HOSTNAME::SERVICECHECKCOMMAND

agent

Nagios

agent_time

<epoch-time-at-reception>

agent_location

Nagios Global Event Handler

type

Nagios Service Event

severity

SERVICESTATEID & SERVICESTATETYPE

custom_info.service_Description

SERVICEDESC

custom_info.service_LastStateID

LASTSERVICESTATEID

custom_info.service_Attempt

SERVICEATTEMPT

custom_info.service_MaxAttempts

MAXSERVICEATTEMPTS

custom_info.service_IsVolatile

SERVICEISVOLATILE

custom_info.service_EventID

SERVICEEVENTID

custom_info.service_LastEventID

LASTSERVICEEVENTID

custom_info.service_ProblemID

SERVICEPROBLEMID

custom_info.service_LastProblemID

LASTSERVICEPROBLEMID

custom_info.service_Latency

SERVICELATENCY

custom_info.service_ExecutionTime

SERVICEEXECUTIONTIME

custom_info.service_DurationSec

SERVICEDURATIONSEC

custom_info.service_Downtime

SERVICEDOWNTIME

custom_info.service_PercentageChange

SERVICEPERCENTCHANGE

custom_info.service_LastCheck

LASTSERVICECHECK

custom_info.service_LastStateChange

LASTSERVICESTATECHANGE

custom_info.service_LastOK

LASTSERVICEOK

custom_info.service_LastWarning

LASTSERVICEWARNING

custom_info.service_LastUnknown

LASTSERVICEUNKNOWN

custom_info.service_LastCritical

LASTSERVICECRITICAL

custom_info.service_LongOutput

LONGSERVICEOUTPUT

custom_info.service_PerformanceData

SERVICEPERFDATA

custom_info.service_CheckCommand

SERVICECHECKCOMMAND

custom_info.service_ActionURL

SERVICEACTIONURL

custom_info.service_NotesURL

SERVICENOTESURL

custom_info.service_Notes

SERVICENOTES

custom_info.host_StateID

HOSTSTATEID

custom_info.host_StateType

HOSTSTATETYPE

custom_info.host_Address

HOSTADDRESS

Severity mapping

The following table indicates the default severity mapping for Host and Service type events received from Nagios. For both types of events, the severity assigned is based on the event State and State Type :

Nagios > AIOps Severity Mapping

Event Type

State

State Type

AIOps Severity

Host Event

UP

HARD/SOFT

Clear

Host Event

UNREACHABLE

SOFT

Warning

Host Event

UNREACHABLE

HARD

Minor

Host Event

DOWN

SOFT

Major

Host Event

DOWN

HARD

Critical

Service Event

OK

HARD/SOFT

Clear

Service Event

UNKNOWN

SOFT

Warning

Service Event

WARNING

HARD

Warning

Service Event

WARNING

SOFT

Warning

Service Event

UNKNOWN

HARD

Minor

Service Event

CRITICAL

SOFT

Major

Service Event

CRITICAL

HARD

Critical