LibreNMS Elastic Search


Can anyone assist with your examples/configuration of indexes for Elasticsearch, so that one can send “alerts” to ELK?

When I configure the transport I get the following error.

Test to elasticsearch failed returned HTTP Status code 401 for {"@timestamp":"2020-07-16T16:01:34+02:00","host":"cf-docker","location":null,"title":"Test-Rule","message":"#1: test => string;","device_id":1,"device_name":"","device_hardware":null,"device_version":"v6.2.1-build1121 190718 (GA)","state":"critical","severity":"critical","first_occurrence":"2020-07-16 16:01:34","entity_type":"device","entity_tab":"overview","entity_id":1,"entity_name":"","entity_descr":""}

Status 401 means unauthorized. Seems like you didn’t successfully authenticate in the API call.

If I have a clean install of ELK, do I need to configure anything on ELK, like templates or indexes?

I will troubleshoot the 401; I want to make sure whether or not I have to do something on ELK.

ELK will create an index based on the JSON sent from LibreNMS. You just have to create the index pattern in order to use it on the Discover app in ELK and create visualisations/dashboards.

We had this working, until we switched to TLS encryption on ELK, which LibreNMS doesn’t currently work with.
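
Added example (not part of the thread and not LibreNMS code): a probe that POSTs an alert document like the one in the error quoted earlier, with and without HTTP Basic credentials, to tell a 401 caused by missing credentials from one caused by rejected credentials. The local stub standing in for a security-enabled Elasticsearch node, the credentials and the index name `librenms-alerts` are assumptions constructed for the demo.

```python
import base64, json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed values: stub credentials, hypothetical index name, trimmed alert.
STUB_USER, STUB_PASS, INDEX = "librenms_writer", "example-password", "librenms-alerts"
ALERT = {"@timestamp": "2020-07-16T16:01:34+02:00", "host": "cf-docker",
         "title": "Test-Rule", "state": "critical", "severity": "critical"}

def basic(user, password):
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

class StubES(BaseHTTPRequestHandler):  # constructed stand-in for a secured node
    def do_POST(self):
        self.rfile.read(int(self.headers.get("Content-Length", 0)))
        ok = self.headers.get("Authorization") == basic(STUB_USER, STUB_PASS)
        body = b'{"result":"created"}' if ok else b'{"status":401}'
        self.send_response(201 if ok else 401)
        if not ok:  # challenge instead of indexing
            self.send_header("WWW-Authenticate", 'Basic realm="security"')
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args):  # silence per-request logging
        pass

def start_stub():
    srv = HTTPServer(("127.0.0.1", 0), StubES)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_port}"

def index_alert(base_url, doc, user=None, password=None):
    """POST one alert to <base_url>/<INDEX>/_doc; return (status, diagnosis)."""
    req = urllib.request.Request(f"{base_url}/{INDEX}/_doc", method="POST",
        data=json.dumps(doc).encode(), headers={"Content-Type": "application/json"})
    if user is not None:
        req.add_header("Authorization", basic(user, password))
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # no proxy
    try:
        with opener.open(req, timeout=5) as resp:
            return resp.status, "document accepted"
    except urllib.error.HTTPError as e:
        if e.code != 401:
            return e.code, "refused for a reason other than authentication"
        why = "no credentials sent" if user is None else "credentials rejected"
        return 401, f"{why}; challenge: {e.headers.get('WWW-Authenticate')}"

if __name__ == "__main__":
    srv, url = start_stub()
    for creds in [(), (STUB_USER, "wrong"), (STUB_USER, STUB_PASS)]:
        print(index_alert(url, ALERT, *creds))
```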