could you do something with the syslog output? send the alerts you're interested in to syslog on the nagios host and tail the logs from that? Might allow you to be a bit more selective, too.
On Wednesday, February 5, 2014 1:53:38 PM UTC, Michiel van Es wrote: > > To be more precise: this is the most valuable link I found: > http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html > I am still interested in other peoples' implementations. > > Op woensdag 5 februari 2014 14:45:26 UTC+1 schreef Michiel van Es: >> >> Yes, First 3 hits about mail scripts (nagios exchange) and 'swatch alike >> scripts' but not a lot of specific setup information. >> That is why I ask it here what people use nowadays and how their setup >> looks like. >> >> Michiel >> >> Op woensdag 5 februari 2014 14:32:47 UTC+1 schreef Darin Perusich: >>> >>> Have you asked Google? >>> -- >>> Later, >>> Darin >>> >>> >>> On Wed, Feb 5, 2014 at 6:47 AM, Michiel van Es <[email protected]> >>> wrote: >>> > Hello, >>> > >>> > I was wondering if someone already used the OSSEC and Nagios to >>> generate >>> > alerts ? >>> > I have the following idea in my head: alert of level 11+ will be seen >>> by a >>> > monitor/swatch script tailing the /var/ossec/logs/alerts/alerts.log >>> logfile >>> > and generates an alert/trigger and sends it to Nagios. >>> > Nagios generates an alert, shows in on a dashboard. >>> > Engineer fixes the issue or filters the alert (in case of a false >>> positive) >>> > and OK/ACK the alert in Nagios. >>> > >>> > Or has someone else a better idea how to integrate these 2 together? >>> > >>> > All tips are more then welcome! >>> > >>> > Michiel >>> > >>> > -- >>> > >>> > --- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "ossec-list" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to [email protected]. >>> > For more options, visit https://groups.google.com/groups/opt_out. >>> >> -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
