Splunk® Supported Add-ons

Splunk Add-on for Nagios Core

Lookups for the Splunk Add-on for Nagios Core

The Splunk Add-on for Nagios Core has the following lookups that map fields from Nagios Core systems to CIM-compliant values in the Splunk platform. The lookup files are located in $SPLUNK_HOME/etc/apps/Splunk_TA_nagios-core/lookups.

Filename Description
nagios_commenthistory.csv Maps numerical values for comment_type, entry_type, is_persistent, comment_source, and expires to human-readable strings.
nagios_customvariablestatus.csv Maps the numerical value for has_been_modified to a human-readable string.
nagios_downtimehistory.csv Maps numerical codes for downtime_type, is_fixed, was_started, and was_cancelled to human-readable strings.
nagios_eventhandlers.csv Maps numerical values for eventhandler_type, state, state_type, early_timeout to human-readable strings.
nagios_hostchecks.csv Maps numerical values for check_type, is_raw_check, and state to human-readable strings.
nagios_hoststatus.csv Maps numerical values for current_state, has_been_checked, shoud_be_scheduled, check_type, state_type, etc to human-readable strings.
nagios_notifications_type.csv Maps the numerical value for notification_type to a CIM-compliant type value.
nagios_notifications.csv Maps notification_type and state to a CIM-compliant severity value.
nagios_objecttype.csv Maps the numerical value for objecttype to a CIM-compliant value for src_category and dest_category.
nagios_processevents.csv Maps numerical values for event_type to human-readable strings.
nagios_programstatus.csv Maps is_currently_running and daemon_mode to human-readable strings.
nagios_scheduleddowntime.csv Maps numerical values for downtime_type, is_fixed, and was_stated to human-readable strings.
nagios_servicechecks.csv Maps numerical values for check_type, state, state_type, early_timeout to human-readable strings.
nagios_servicestatus.csv Maps numerical values for current_state, has_been_checked, should_be_scheduled, etc. to human-readable strings.
nagioslog_status_code_lookup.csv Maps Nagios status_code to a CIM-compliant status and severity value.
nagioslog_status_code_lookup.csv Maps Nagios status_code to a CIM-compliant status and severity value.
nagioslog_type_lookup.csv Maps Nagios event names to a CIM-compliant alert type value for the source type nagios:core.
nagioslog_vendor_lookup.csv Supplies values for vendor, product, and app based on the source type to support CIM compliance.
Last modified on 23 October, 2020
Troubleshoot the Splunk Add-on for Nagios Core  

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters