From 101af8131d694d8ccf527ec6eced51df6f3324c5 Mon Sep 17 00:00:00 2001 From: jbbarth Date: Mon, 30 Jan 2012 17:32:17 +0100 Subject: [PATCH 1/5] Added nagios_nsca output (see ticket LOGSTASH-354) --- lib/logstash/outputs/nagios_nsca.rb | 111 ++++++++++++++++++++++++++++ 1 file changed, 111 insertions(+) create mode 100644 lib/logstash/outputs/nagios_nsca.rb diff --git a/lib/logstash/outputs/nagios_nsca.rb b/lib/logstash/outputs/nagios_nsca.rb new file mode 100644 index 000000000..a8d5575d4 --- /dev/null +++ b/lib/logstash/outputs/nagios_nsca.rb @@ -0,0 +1,111 @@ +require "logstash/outputs/base" +require "logstash/namespace" + +# The nagios_nsca output is used for sending passive check results to Nagios +# through the NSCA protocol. +# +# This is useful if your Nagios server is not the same as the source host from +# where you want to send logs or alerts. If you only have one server, this +# output is probably overkill # for you, take a look at the 'nagios' output +# instead. +# +# Here is a sample config using the nagios_nsca output: +# output { +# nagios_nsca { +# # specify the hostname or ip of your nagios server +# # (defaults to localhost) +# host => "nagios.example.com" +# +# # specify the port to connect to +# # (default 5667) +# port => 5667 +# } +# } + +class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base + + config_name "nagios_nsca" + + # The nagios host or IP to send logs to. It should have a NSCA daemon running. + # (defaults to: "localhost") + config :host, :validate => :string, :default => "localhost" + + # The port where the NSCA daemon on the nagios host listens. + # (defaults to: 5667) + config :port, :validate => :number, :default => 5667 + + # The path to the 'send_nsca' binary on the local host. + # (defaults to: "/usr/sbin/send_nsca") + config :send_nsca_bin, :validate => :string, :default => "/usr/sbin/send_nsca" + + # The path to the send_nsca config file on the local host. + # Leave blank if you don't want to provide a config file. + config :send_nsca_config, :validate => :string + + # The nagios 'host' you want to submit a passive check result to. This + # parameter accepts interpolation, e.g. you can use @source_host or other + # logstash internal variables. + # (defaults to: "%{@source_host}") + config :nagios_host, :validate => :string, :default => "%{@source_host}" + + # The nagios 'service' you want to submit a passive check result to. This + # parameter accepts interpolation, e.g. you can use @source_host or other + # logstash internal variables. + # (defaults to: "LOGSTASH") + config :nagios_service, :validate => :string, :default => "LOGSTASH" + + public + def register + #nothing for now + end + + public + def connect + #nothing for now + end + + public + def receive(event) + # catch logstash shutdown + if event == LogStash::SHUTDOWN + finished + return + end + + # skip if 'send_nsca' binary doesn't exist + if !File.exists?(@send_nsca_bin) + @logger.warn(["Skipping nagios_nsca output; send_nsca_bin file is missing", + {"send_nsca_bin" => @send_nsca_bin, "missed_event" => event}]) + return + end + + # interpolate params + nagios_host = event.sprintf(@nagios_host) + nagios_service = event.sprintf(@nagios_service) + + # escape basic things in the log message + # TODO: find a way to escape the message correctly + msg = event.to_s + msg.gsub!("\n", "
") + msg.gsub!("'", "’") + + # build the command + # syntax: echo '!!!' | \ + # /usr/sbin/send_nsca -H -d '!' -c " + # TODO: make nagios status configurable ; defaults to 1 = 'WARNING' for now. + cmd = %(echo '#{nagios_host}~#{nagios_service}~1~#{msg}' |) + cmd << %( #{@send_nsca_bin} -H #{@host} -p #{@port} -d '~') + cmd << %( -c #{@send_nsca_config}) if @send_nsca_config + cmd << %( 2>/dev/null >/dev/null) + @logger.debug({"nagios_nsca_command" => cmd}) + + begin + system cmd + rescue => e + @logger.warn(["Skipping nagios_nsca output; error calling send_nsca", + {"error" => $!, "nagios_nsca_command" => cmd, + "missed_event" => event}]) + @logger.debug(["Backtrace", e.backtrace]) + end + end # def receive +end # class LogStash::Outputs::NagiosNsca From d268a9f676bd06b88358f68966d15970193b9d3d Mon Sep 17 00:00:00 2001 From: jbbarth Date: Tue, 31 Jan 2012 23:13:15 +0100 Subject: [PATCH 2/5] nagios_nsca output: removed comments mentionning default values as they will be auto-documented --- lib/logstash/outputs/nagios_nsca.rb | 7 ------- 1 file changed, 7 deletions(-) diff --git a/lib/logstash/outputs/nagios_nsca.rb b/lib/logstash/outputs/nagios_nsca.rb index a8d5575d4..cb13bc8e0 100644 --- a/lib/logstash/outputs/nagios_nsca.rb +++ b/lib/logstash/outputs/nagios_nsca.rb @@ -13,11 +13,9 @@ require "logstash/namespace" # output { # nagios_nsca { # # specify the hostname or ip of your nagios server -# # (defaults to localhost) # host => "nagios.example.com" # # # specify the port to connect to -# # (default 5667) # port => 5667 # } # } @@ -27,15 +25,12 @@ class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base config_name "nagios_nsca" # The nagios host or IP to send logs to. It should have a NSCA daemon running. - # (defaults to: "localhost") config :host, :validate => :string, :default => "localhost" # The port where the NSCA daemon on the nagios host listens. - # (defaults to: 5667) config :port, :validate => :number, :default => 5667 # The path to the 'send_nsca' binary on the local host. - # (defaults to: "/usr/sbin/send_nsca") config :send_nsca_bin, :validate => :string, :default => "/usr/sbin/send_nsca" # The path to the send_nsca config file on the local host. @@ -45,13 +40,11 @@ class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base # The nagios 'host' you want to submit a passive check result to. This # parameter accepts interpolation, e.g. you can use @source_host or other # logstash internal variables. - # (defaults to: "%{@source_host}") config :nagios_host, :validate => :string, :default => "%{@source_host}" # The nagios 'service' you want to submit a passive check result to. This # parameter accepts interpolation, e.g. you can use @source_host or other # logstash internal variables. - # (defaults to: "LOGSTASH") config :nagios_service, :validate => :string, :default => "LOGSTASH" public From 094d80b25dd312e02888be2736d1f349fd710fb2 Mon Sep 17 00:00:00 2001 From: jbbarth Date: Tue, 31 Jan 2012 23:15:25 +0100 Subject: [PATCH 3/5] nagios_nsca output: removed connect method since it's not required --- lib/logstash/outputs/nagios_nsca.rb | 5 ----- 1 file changed, 5 deletions(-) diff --git a/lib/logstash/outputs/nagios_nsca.rb b/lib/logstash/outputs/nagios_nsca.rb index cb13bc8e0..41be0c0e1 100644 --- a/lib/logstash/outputs/nagios_nsca.rb +++ b/lib/logstash/outputs/nagios_nsca.rb @@ -52,11 +52,6 @@ class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base #nothing for now end - public - def connect - #nothing for now - end - public def receive(event) # catch logstash shutdown From 5ab06aeed26218f0cbcb550bd01475c1ca984594 Mon Sep 17 00:00:00 2001 From: jbbarth Date: Tue, 31 Jan 2012 23:39:34 +0100 Subject: [PATCH 4/5] nagios_nsca output: added plugin_status so that the plugin is compatible with the new stable version 1.1.0 --- lib/logstash/outputs/nagios_nsca.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/logstash/outputs/nagios_nsca.rb b/lib/logstash/outputs/nagios_nsca.rb index 41be0c0e1..8d425aed4 100644 --- a/lib/logstash/outputs/nagios_nsca.rb +++ b/lib/logstash/outputs/nagios_nsca.rb @@ -23,6 +23,7 @@ require "logstash/namespace" class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base config_name "nagios_nsca" + plugin_status "experimental" # The nagios host or IP to send logs to. It should have a NSCA daemon running. config :host, :validate => :string, :default => "localhost" From 61a028e271ed830bbc325a64b009eb244a786052 Mon Sep 17 00:00:00 2001 From: jbbarth Date: Tue, 31 Jan 2012 23:59:43 +0100 Subject: [PATCH 5/5] nagios_nsca output: simplified logger calls --- lib/logstash/outputs/nagios_nsca.rb | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/lib/logstash/outputs/nagios_nsca.rb b/lib/logstash/outputs/nagios_nsca.rb index 8d425aed4..f5f67236a 100644 --- a/lib/logstash/outputs/nagios_nsca.rb +++ b/lib/logstash/outputs/nagios_nsca.rb @@ -63,8 +63,8 @@ class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base # skip if 'send_nsca' binary doesn't exist if !File.exists?(@send_nsca_bin) - @logger.warn(["Skipping nagios_nsca output; send_nsca_bin file is missing", - {"send_nsca_bin" => @send_nsca_bin, "missed_event" => event}]) + @logger.warn("Skipping nagios_nsca output; send_nsca_bin file is missing", + "send_nsca_bin" => @send_nsca_bin, "missed_event" => event) return end @@ -86,15 +86,15 @@ class LogStash::Outputs::NagiosNsca < LogStash::Outputs::Base cmd << %( #{@send_nsca_bin} -H #{@host} -p #{@port} -d '~') cmd << %( -c #{@send_nsca_config}) if @send_nsca_config cmd << %( 2>/dev/null >/dev/null) - @logger.debug({"nagios_nsca_command" => cmd}) + @logger.debug("Running send_nsca command", "nagios_nsca_command" => cmd) begin system cmd rescue => e - @logger.warn(["Skipping nagios_nsca output; error calling send_nsca", - {"error" => $!, "nagios_nsca_command" => cmd, - "missed_event" => event}]) - @logger.debug(["Backtrace", e.backtrace]) + @logger.warn("Skipping nagios_nsca output; error calling send_nsca", + "error" => $!, "nagios_nsca_command" => cmd, + "missed_event" => event) + @logger.debug("Backtrace", e.backtrace) end end # def receive end # class LogStash::Outputs::NagiosNsca