LibreNMS Elastic Search

NotARobot · 16 July 2020 14:03

Hi

Can any assist with your examples/condifuration of indexes for elastic search so that one can send “alerts” to ELK

When I configure the transport I get the following error.

Test to elasticsearch failed
192.168.2.68:9200/librenms-2020.07.16/alert returned HTTP Status code 401 for {"@timestamp":“2020-07-16T16:01:34+02:00”,“host”:“cf-docker”,“location”:null,“title”:“Test-Rule”,“message”:"#1: test => string;",“device_id”:1,“device_name”:“10.251.2.1”,“device_hardware”:null,“device_version”:“v6.2.1-build1121 190718 (GA)”,“state”:“critical”,“severity”:“critical”,“first_occurrence”:“2020-07-16 16:01:34”,“entity_type”:“device”,“entity_tab”:“overview”,“entity_id”:1,“entity_name”:“10.251.2.1”,“entity_descr”:""}

murrant · 16 July 2020 14:56

status 401 means unauthorized. Seems like you didn’t successfully authenticate in the api call.

NotARobot · 16 July 2020 16:55

If I have a clean install of elk do I need to configure anything on elk like templates, indexes.

I will tshoot the 401 I want to make sure that I don’t or have to do something on elk.

f00f0rc3 · 21 July 2020 12:20

ELK will create an index based on the JSON sent from LibreNMS. You just have to create the index pattern in order to use it on the Discover app in ELK and create visualisations/dashboards.

We had this working, until we switched to TLS encryption on ELK, which LibreNMS doesn’t currently work with.

Andy