Nagios provides monitoring for systems, applications, services, and business processes in your IT infrastructure. Install the log-based Nagios integration if you don't use Nagios notifications and want an integration that is simple to configure and maintain. BigPanda will correlate problems detected in Nagios into actionable incidents in BigPanda so you can understand and respond faster to critical issues in your infrastructure.

Key Features

• Integrates BigPanda with Nagios by using the Nagios log files.
  If you've configured custom filters for Nagios notifications that are working well for your needs, consider the notification-based Nagios Integration. For more information about the differences, see Nagios.

• Ensures that all relevant alerts are correlated, regardless of filtering options set for notifications.

• Provides complete visibility into the infrastructure that Nagios is monitoring.

How It Works

The BigPanda agent parses these files to correlate all of the alerts that Nagios generates:

• The log file—enables real-time synchronization of Nagios alerts to BigPanda.

• The status.dat file—enables a full sync of all open alerts to ensure all current data is available in BigPanda within minutes of first installing the integration. Also, enriches each alert with state information that normally is not available in the log file.

• The objects.cache file—keeps BigPanda in sync with the objects in your infrastructure. For example, if you remove a host that has open alerts, BigPanda closes the alerts automatically. Also, allows BigPanda to enrich alerts with host-groups and service-groups as well as custom information. For custom enrichments, contact BigPanda Support.

When an alert closes in Nagios, the alert is closed in BigPanda.

Scheduling Downtime For Maintenance

You can schedule downtime in Nagios for a maintenance window.
After receiving the start event for a scheduled downtime, BigPanda handles subsequent alerts from objects in maintenance as follows:

• Does not show new incidents in the incident feed.

• Correlates alerts to existing incidents, if applicable, and marks the alerts in Maintenance status (indicated in grey).

• Does not send AutoShare notifications for incidents where all associated alerts are in maintenance.

After receiving the end event for the scheduled downtime, BigPanda resumes normal processing for subsequent alerts from the objects.

📘

Which alerts are in Maintenance

BigPanda handles scheduled downtime according to the options you select when configuring the downtime. For example, if you configure a host to be in maintenance but not the services on that host, then alerts for those services do not change to maintenance status in BigPanda.

System Requirements

The Nagios integration supports 64-bit servers. If your Nagios implementation is running on a 32-bit server, contact BigPanda Support and request a product change.

Install the Integration

Administrators can install the integration by following the on-screen instructions in BigPanda. When installing Nagios Logs, follow only Steps 1-4, then follow the configuration steps below.

📘

Migrating between Nagios Integrations

Follow these instructions to install a new Nagios Logs integration. If you have previously installed the notification-based Nagios integration and want to migrate to the log-based integration, see Migrate Between Nagios Integrations.

Configure Nagios

Configure Nagios to send notifications to BigPanda.

1. Open the main configuration file (nagios.cfg) by running the following command:

$ sudo vim /usr/local/nagios/etc/nagios.cfg

❗️

Replace the file path with the location of your Nagios configuration file, if necessary.

2. Edit the following settings:

• Set the log_rotation_method to d (for daily log rotation).

• Ensure that the log_archive_path is configured to the location you want to use for old log files.

• Test that the nagios user has write permissions to the log_archive_path folder.

3. Reload the Nagios service for the changes to take effect:

sudo service nagios reload

Configure the BigPanda Agent

1. Configure the agent to work with the Nagios Logs integration by running the following commands:

$ sudo bigpanda-config --init --token <YOUR TOKEN>

$ sudo bigpanda-config --add nagios --app-key <YOUR APP KEY>

❗️

Replace the token and app key with the corresponding values in BigPanda.

2. Add the BigPanda user to the Nagios group by running the following command:

sudo usermod -a -G <Nagios group> bigpanda

3. At the prompts, enter the locations of your nagios.log, status.dat, and objects.cache files.

👍

• The log file is usually located at /usr/local/nagios/var/nagios.log or /var/log/nagios3/nagios.log.

• The status.dat file is usually located at /usr/local/nagios/var/status.dat or /var/cache/nagios3/status.dat.

• The objects.cache file is usually located at /usr/local/nagios/var/objects.cache or /var/cache/nagios3/objects.cache.

4. Review the script output to ensure it matches the correct paths for your Nagios installation.

Log File Path: /var/log/nagios3/nagios.log

Status Dat Path: /var/cache/nagios3/status.dat

Objects Cache Path: /var/cache/nagios3/objects.cache

Update Permissions

Grant the agent read permissions to your nagios.log, status.dat, and objects.cache files. For example, run the following command:

$ sudo usermod -a -G "<GROUP OF OBJECT CACHE FILE>,<GROUP OF LOG FILE>,<GROUP OF STATUS DAT FILE>" bigpanda

Start the BigPanda Agent

Run the following command:

$ sudo service bigpanda start

Success

The next time Nagios generates an alert, you will see it on the Incidents tab.

Nagios Logs Data Model

Standard Tags

Uninstall the Integration

Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.

🚧

When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Stop Sending Data to BigPanda

Manually resolve any open alerts sent from the integration to remove the associated incidents from your incident feed. These incidents will not automatically resolve without an ok status from the original sending integration.

If the agent supports only the Nagios integration, you can uninstall the BigPanda agent from the server.

🚧

Do not uninstall the BigPanda agent if it is supporting other BigPanda integrations. In this case, remove the Nagios integration from the agent.

Remove the Nagios Integration from the Agent

If the agent is supporting multiple integrations, you can remove only the specific integration without disabling the other BigPanda integrations that the agent supports.

1. Stop the BigPanda agent by running the following command.

sudo service bigpanda stop

2. Remove the integration from the agent configuration file by running the following command.

❗️

Replace the app key with the corresponding value in BigPanda.

sudo bigpanda-config -r <INTEGRATION APP KEY>

3. Start the BigPanda agent by running the following command.

sudo service bigpanda start

Delete the Integration from BigPanda

1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
2. In the integration details on the right, click Delete Integration. A support message opens, pre-populated with a request to delete the selected integration.
3. Press Enter to send the request.
4. The BigPanda support team will remove the integration from the UI.

To stop sending Nagios events to BigPanda, you can uninstall the agent from the server or remove the Nagios integration from the agent.