Splunk® Supported Add-ons

Splunk Add-on for Nagios Core

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Configure Splunk DB Connect v2 inputs for the Splunk Add-on for Nagios Core

Collect NDOUtils data via Splunk DB Connect on a heavy forwarder or search head. You must have an MySQL account with privileges to read the NDOUtils database, and the account must be connectable from the location of your data collection node.

These instructions apply only to Splunk DB Connect version 2.X. If you are using version 3.x, see Configure Splunk DB Connect v3 inputs for the Splunk Add-on for Nagios Core.

Configure NDOUtils inputs

  1. Add a Java mysql connector .jar file, such as mysql-connector-java-5.1.34-bin.jar, into the folder $SPLUNK_HOME/etc/apps/splunk_app_db_connect/bin/lib.
  2. Restart the Splunk platform.
  3. Create an identity in DB Connect. Use the username and password that you use when you log in to your NDOUtils MySQL database. Createnagiosidentity.png
  4. Create a connection using the identity you just created using the name Nagios_Connection for the connection. The database name is the one you specified when installing NDOUtils, and the account you use in the identity must have read privileges. Createnagiosconnection.png
  5. If you use any connection name other than Nagios_Connection and/or the database name is not nagios, copy all the stanzas starting with with [mi_input:// in $SPLUNK_HOME/etc/apps/Splunk_TA_nagios/default/inputs.conf.template to $SPLUNK_HOME/etc/apps/splunk_app_db_connect/local/inputs.conf, and replace the connection name or database name, or both, in each stanza. See the stanza below to see the two places to change the connection name and the one place to change the default database name. 
    [mi_input://instances]
connection = <Change this to your custom connection name> 
index = main
interval = 120
max_rows = -1
mode = batch
output_timestamp_format = yyyy-MM-dd HH:mm:ss
query = SELECT * FROM `<change this to your custom database name>`.`nagios_instances`
source = dbx:<Change this to your custom connection name> 
sourcetype = nagios:instances
ui_query_catalog = nagios
ui_query_mode = simple
ui_query_table = nagios_instances
disabled = 1
  6. If you experience any problems while establishing the connection, check the MySQL account and the firewall settings on the machine running MySQL.
  7. To work around a known bug in Nagios regarding treatment of empty values for timestamps, add the following line exactly as written here to $SPLUNK_HOME/etc/apps/splunk_app_db_connect/local/db_connection.conf. 
    jdbcUrlFormat = jdbc:mysql://<host>:<port>/<database>?zeroDateTimeBehavior=convertToNull
    For more about the known bug in Nagios, see http://stackoverflow.com/questions/11133759/0000-00-00-000000-can-not-be-represented-as-java-sql-timestamp-error.
  8. Enable the desired input stanzas in DB Connect. Enablenagiosinputs.png
Last modified on 11 August, 2017
 

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters