5.02021-11-21T21:39:24ZOnx Solutionsgraylog_nodesGraylog: Nodes## Overview
Template created to monitor GrayLog nodes through LLD (Low Level Discovery)
We added a feature of Zabbix called LLD (Low Level Discovery) in the model, this automation seeks to facilitate the discovery of the nodes in GrayLog, so that you do not have to register the nodes manually just set the time of the discovery rule.
Monitoring Itens:
-----------------
* GrayLog: Filter execution Time (FIltered, Incomming, Outgoing, Process)
* GrayLog: Internal Log Message (Error, Fatal, Trace, Warn)
* GrayLog: Journal ( Journal Size)
* GrayLog: Node Memory(LLD)/( Free Memory, Max Memory, Total Memory, Used Memory)
* GrayLog: Node Status (Lifecycle, Processing, Status )
* GrayLog: Services
Requirements
------------
* Zabbix 3.4;
* Graylog 2.4;
* Zabbix Agent install on Graylog;
* Python 3.4 or > Python3;
* Imports;
+ import requests;
+ import json;
+ import sys
## Author
Beza
Onx SolutionsGrayLog: Filter ExecutionGrayLog: Internal LogGrayLog: JournalGraylog: Node MemoryGraylog: Node StatusGrayLog Service- GrayLog: Internal Log Message Error 5 mingraylog.inter.log[org.apache.logging.log4j.core.Appender.error,m5_rate]3m7dFLOATGrayLog: Internal Log
- GrayLog: Internal Log Message Fatal 5 mingraylog.inter.log[org.apache.logging.log4j.core.Appender.fatal,m5_rate]3m7dFLOATGrayLog: Internal Log
- GrayLog: Internal Log Message Trace 5 mingraylog.inter.log[org.apache.logging.log4j.core.Appender.trace,m5_rate]3m7dFLOATGrayLog: Internal Log
- GrayLog: Internal Log Message Warn 5 mingraylog.inter.log[org.apache.logging.log4j.core.Appender.warn,m5_rate]3m7dFLOATGrayLog: Internal Log
- GrayLog Journal Sizegraylog.journal.size[org.graylog2.journal.entries-uncommitted,value]5m7dThe Graylog journal is the component sitting in front of all message processing that writes all incoming messages to disk. Graylog then reads messages from this journal to parse, process, and store them.GrayLog: Journal
- GrayLog: Filter execution Time(FIltered OutMessages) 5mingraylog.proc.buffer[ProcessBufferProcessor.filteredOutMessages,m5_rate]3m7dFLOATA common problem that can hit performance or bring message processing to a halt completely is when someone configures a regular expression or other rule that is too CPU expensive or simply never finishes.GrayLog: Filter Execution
- GrayLog: Filter execution Time(Incoming Messages) 5mingraylog.proc.buffer[ProcessBufferProcessor.incomingMessages,m5_rate]3m7dFLOATA common problem that can hit performance or bring message processing to a halt completely is when someone configures a regular expression or other rule that is too CPU expensive or simply never finishes.GrayLog: Filter Execution
- GrayLog: Filter execution Time(Outgoing Message) 5mingraylog.proc.buffer[ProcessBufferProcessor.outgoingMessages,m5_rate]3m7dFLOATA common problem that can hit performance or bring message processing to a halt completely is when someone configures a regular expression or other rule that is too CPU expensive or simply never finishes.GrayLog: Filter Execution
- GrayLog: Filter execution Time(Process Time) 5mingraylog.proc.buffer[ProcessBufferProcessor.processTime,m5_rate]3m7dFLOATA common problem that can hit performance or bring message processing to a halt completely is when someone configures a regular expression or other rule that is too CPU expensive or simply never finishes.GrayLog: Filter Execution
- GrayLog: Service Statusnet.tcp.port[{HOST.IP},9000]3m7dGrayLog ServiceService state{last()}=0Graylog: TCP DOWNAVERAGE
- GrayLog: Processesproc.num[graylog-server,,]3m7dGrayLog Service
Discovery Nodegraylog.discovery.node3m1hGraylog: Node Processinggraylog.cluster.status[{#NODEID},is_processing]3m0TEXTGraylog: Node StatusGraylog: Node Statusgraylog.cluster.status[{#NODEID},lb_status]3m0TEXTGraylog: Node StatusGraylog: Node Lifecyclegraylog.cluster.status[{#NODEID},lifecycle]30s0TEXTGraylog: Node Status{#NODEID},GrayLog: Memory Used (%)(Total/Max)CALCULATEDgraylog.men.free[{#NODEID}]3mFLOAT%100*last("graylog.node.men[{#NODEID},total_memory]")/last("graylog.node.men[{#NODEID},max_memory]")Graylog: Node MemoryGrayLog: Node Free Memorygraylog.node.men[{#NODEID},free_memory]3m7dbGraylog: Node MemoryGrayLog: Node Max Memorygraylog.node.men[{#NODEID},max_memory]3m7dbGraylog: Node MemoryGrayLog: Node Total Memorygraylog.node.men[{#NODEID},total_memory]3m7dbGraylog: Node MemoryGrayLog: Node Used Memorygraylog.node.men[{#NODEID},used_memory]3m7dbGraylog: Node MemoryService state0Down1Up