Discussions and feedback on the Graylog Special Agent that is part of the Feature Pack 1
UPDATE: Testing is now over, thanks to all who gave their feedback! To install plug-ins that are part of the Feature Pack, please refer to this entry on the manual.
Hallo,
what does the graylog check do exactly?
I ve a rancher2.3 setup but logfiles checks via ELK or syslog aren working well,
Rancher 2.3 has a graylog output option and my idea is to check if I can see more output using this way.
Is it possible to check the greylog for recorded events like failed logins?
Thanks
Ralf
Hi Ralf,
it’s more about monitoring the graylog instance itself.
You find a detailed list of checks on the exchange page.
Hi,
this special agent is not working with a password from the pwstore.
CRIT - [special_graylog] Agent exited with code 2: usage: agent_graylog [-h] [-u USER] [-s PASSWORD] [-P PROTO] [-p PORT]
[-t SINCE] [-m SECTIONS]
[–display_node_details {host,node}]
[–display_sidecar_details {host,sidecar}]
[–display_source_details {host,source}] [–debug]
HOSTNAME
agent_graylog: error: unrecognized arguments: --pwstore=10@0@APP_GRAYLOG
When I store the password inside the WATO rule, cmk discovers the Graylog services. But all other services from cmk agent on this host where unknown. I am the only one facing this issue?
CMK 1.6.0p9 EE
problem with password from store will be fixed with Werk #10941 (currently reviewed).
Thanks for reporting that.
Related to the missing services of the agent…
What datasource do you use?
Should be “Normal Checkmk agent, all configured special agents” if you want data from “normal” agent and the special agent.
Hi _rb,
yes it is configured to this. Downloaded agent output contains only Graylog data and ESX piggyback, but not data from cmk agent on this host (connected with ssh).
Edit: problem solved. The rule “Individual program call instead of agent access” was not configured for the option “Normal Checkmk agent, all configured special agents”. Now it is working, thank you!