Source types for the Splunk Add-on for Nagios Core
The Splunk Add-on for Nagios Core applies the following source types to Nagios Core logs and NDOUtils data.
Nagios Core logs
Source type | Description | CIM compatibility |
---|---|---|
nagios:core:hostperf | Nagios Core host performance log | None |
nagios:core:serviceperf | Nagios Core service performance log | Performance |
nagios:core | Nagios Core main log | None |
nagios:instances | Nagios instance information | None |
nagios:objects | Nagios objects information | None |
nagios:commenthistory | Historical host and service comments | None |
nagios:contactnotificationmethods | Historical record of command methods | None |
nagios:downtimehistory | Historical record of scheduled host and service downtime | None |
nagios:eventhandlers | Historical record of host and service event handlers that have been run | None |
nagios:hostchecks | Historical record of "raw" and "processed" host checks | None |
nagios:notifications | Historical record of host and service notifications | Alerts |
nagios:processevents | Historical record of Nagios process events (program starts, restarts, shutdowns, etc.) | None |
nagios:servicechecks | Historical record of service checks that have been performed | None |
nagios:systemcommands | Historical record of system commands that are run by Nagios daemon | None |
nagios:timedevents | Historical record of time events that the Nagios process handled | None |
nagios:comments | Current host and service comments | None |
nagios:customvariablestatus | Current state of all custom host, service, and contact variables | None |
nagios:hoststatus | Current status of host | None |
nagios:programstatus | Currently running Nagios process/daemon | None |
nagios:runtimevariables | Runtime variables from Nagios process | None |
nagios:scheduleddowntime | Current host and service downtime | None |
nagios:servicestatus | Current status information for all services | Performance |
nagios:timedeventqueue | All timed events that are in the Nagios event queue | None |
NDOUtils data
The add-on also assigns source types based on thirty configuration tables in NDOUtils. Each source type follows the pattern nagios:<Table_Name>. These source types do not map to CIM data models. Splunk Enterprise queries for updated data from all these tables every two minutes, with the exception of configuration tables, which are not frequently updated. Splunk Enterprise queries for updated data from configuration tables every hour.
Table type | Source type | Mode |
---|---|---|
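Central tables | nagios:instances | batch |
Central tables | nagios:objects | batch |
Historical tables | nagios:commenthistory | batch |
Historical tables | nagios:contactnotificationmethods | tail |
Historical tables | nagios:downtimehistory | tail |
Historical tables | nagios:eventhandlers | tail |
Historical tables | nagios:hostchecks | tail |
Historical tables | nagios:notifications | batch |
Historical tables | nagios:processevents | tail |
Historical tables | nagios:servicechecks | tail |
Historical tables | nagios:systemcommands | tail |
Historical tables | nagios:timedevents | batch |
Current status tables | nagios:comments | batch |
Current status tables | nagios:customvariablestatus | batch |
Current status tables | nagios:hoststatus | batch |
Current status tables | nagios:programstatus | batch |
Current status tables | nagios:runtimevariables | batch |
Current status tables | nagios:scheduleddowntime | batch |
Current status tables | nagios:servicestatus | batch |
Current status tables | nagios:timedeventqueue | batch |
Configuration tables | nagios:commands | batch |
Configuration tables | nagios:configfiles | batch |
Configuration tables | nagios:configfilevariables | batch |
Configuration tables | nagios:contact_addresses | batch |
Configuration tables | nagios:contact_notificationcommands | batch |
Configuration tables | nagios:contactgroup_members | batch |
Configuration tables | nagios:contactgroups | batch |
Configuration tables | nagios:contacts | batch |
Configuration tables | nagios:customvariables | batch |
Configuration tables | nagios:host_contactgroups | batch |
Configuration tables | nagios:host_contacts | batch |
Configuration tables | nagios:host_parenthosts | batch |
Configuration tables | nagios:hostdependencies | batch |
Configuration tables | nagios:hostescalation_contactgroups | batch |
Configuration tables | nagios:hostescalation_contacts | batch |
Configuration tables | nagios:hostescalations | batch |
Configuration tables | nagios:hostgroup_members | batch |
Configuration tables | nagios:hostgroups | batch |
Configuration tables | nagios:hosts | batch |
Configuration tables | nagios:service_contactgroups | batch |
Configuration tables | nagios:service_contacts | batch |
Configuration tables | nagios:servicedependencies | batch |
Configuration tables | nagios:serviceescalation_contactgroups | batch |
Configuration tables | nagios:serviceescalation_contacts | batch |
Configuration tables | nagios:serviceescalations | batch |
Configuration tables | nagios:servicegroup_members | batch |
Configuration tables | nagios:servicegroups | batch |
Configuration tables | nagios:services | batch |
Configuration tables | nagios:timeperiod_timeranges | batch |
Configuration tables | nagios:timeperiods | batch |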
This documentation applies to the following versions of Splunk® Supported Add-ons: released