Adding Nagios Logs to Splunk

Now that we have all these systems working correctly under OSX its time to start making them work together a little.

First up I want to add the nagios logs to splunk. This is very easy, you can get this off the splunk site here. But I’ll recap exactly what I did for my setup here.

1. Click Manager in the upper right-hand corner of Splunk Web.
2. Under System configurations, click Data Inputs.
3. Click Files and directories.
4. Click New to add an input
I choose Monitor a file or directory
6. Specify the path to the file:
With my setup it is:
/opt/local/var/nagios/nagios.log
7. Under Host Heading
I choose constant value
8. Under Source Type
I choose Automatic
9. Click Save

Thats it now your nagios logs show up in splunk. Pretty easy stuff.