Splunk® Supported Add-ons

Splunk Add-on for Nagios Core

Troubleshoot the Splunk Add-on for Nagios Core

General troubleshooting

For troubleshooting tips that you can apply to all add-ons, see Troubleshoot add-ons in Splunk Add-ons. For additional resources, see Support and resource links for add-ons in Splunk Add-ons.

Cannot launch add-on

This add-on does not have views and is not intended to be visible in Splunk Web. If you are trying to launch or load views for this add-on and you are experiencing results you do not expect, turn off visibility for the add-on.

For more details about add-on visibility and instructions for turning visibility off, see Check if the add-on is intended to be visible or not in the Splunk Add-ons Troubleshooting topic.

Missing JDBC driver while establishing the connection to the MySQL database

Download the MySQL JDBC driver jar file and place the jar file in $SPLUNK_HOME/etc/apps/splunk_app_db_connect/bin/lib . Then, restart Splunk Enterprise and validate the connection again.

Connection refused while establishing the connection

Ensure that the firewall behind which the database is hosted is closed. For example, in CentOS, user can use the following command to close the firewall. 

service iptables stop

Then make sure the user have privileges to connect to the database. User can use the following SQL command to grant a user the permission. 

GRANT ALL ON nagios_db.* TO nagiosuser@'10.66.4.109' IDENTIFIED BY 'nagiospass';

This command grants all privileges for the user "nagiosuser" with password "nagiospass" from ip address 10.66.4.109 to the database called nagios_db.

Missing data when column values are empty in MySQL table

If you are expecting events for your Nagios source types, but your searches are turning up very few or none, you may be missing events due to table columns with empty values. Work around this issue using the fillnull command in your search to populate null values for columns you determine are empty in your tables.

For example, if your search

sourcetype=nagios:instances

returns far fewer values than you expect, and you know that your instance_description column in your nagios_instances table has empty values, adjust your search to

sourcetype=nagios:instances | fillnull value=null instance_description

Field ping_status missing from nagios:core:hostperf events

The operating system determines the format of the Nagios host performance logs, and some operating systems produce the ping_status field in a format that the add-on does not recognize. If the field is in an unexpected format, the add-on cannot perform the field extraction. The field extraction for the ping_status field is designed to work for the two different formats produced by CentOS6 and CentOS7.

Last modified on 23 October, 2020
Configure Splunk DB Connect v3 inputs for the Splunk Add-on for Nagios Core   Lookups for the Splunk Add-on for Nagios Core

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters