We can use both Nagios and Elastic Alerts to generate alarms based on different metrics in the ELK module. Here I'm going to describe how to integrate Nagios [NRPE custom plugin] to generate alarms based on API delays.
I have used the default Apigate analytic module, and all indices are based on the Apigate product.
Step 1:
Create the check_api_delay.py file in the /usr/local/nagios/libexec/ directory or in your own custom plugin directory.
check_api_delay.py
Step 2:
Go to the nrpe.cfg file in /usr/local/nagios/etc (or your default location) and define the NRPE command as below:
#define check_api_delay command
define command{
    command_name check_api_delay
    command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_api_delay -a $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$
}

#define services
define service{
    use local-service
    host_name MONITORING_01
    service_description DelayProfile-Payment
    check_command check_api_delay!DOB-Payment!amount!5000!100!150
    normal_check_interval 2
}

define service{
    use local-service
    host_name MONITORING_01
    service_description DelayProfile-QueryProfile-subscribertype
    check_command check_api_delay!QueryProfile!subscribertype!5000!80!100
    normal_check_interval 2
}

#define service groups
define servicegroup{
    servicegroup_name IGW-API-Delay-Profile
    alias IGW API Delay Profile
    members MONITORING_01,DelayProfile-Payment,MONITORING_01,DelayProfile-QueryProfile-subscribertype
}
Step 4:
Restart NRPE and the Nagios agent.
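The `-a $ARG1$ ... $ARG5$` in the command line above hands remotely supplied arguments to the plugin (NRPE only accepts them when `dont_blame_nrpe=1` is set on the agent), so the plugin should validate them strictly and never report OK on bad input. The sketch below is an added example, not the author's check_api_delay.py, showing that validation together with the Nagios exit-code and perfdata contract. It assumes the five arguments are API name, resource, maximum sample count, warning threshold and critical threshold in milliseconds; `constructed_fetch` is a hypothetical stand-in, with constructed sample values, for the Elasticsearch query.

```python
import re
import sys

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3  # standard Nagios plugin exit codes
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,64}")  # allow-list for API/resource names

def parse_args(argv):
    """Validate the five NRPE arguments; raise ValueError on anything unexpected."""
    if len(argv) != 5:
        raise ValueError("expected 5 arguments")
    api, resource = argv[0], argv[1]
    if not (NAME_RE.fullmatch(api) and NAME_RE.fullmatch(resource)):
        raise ValueError("illegal name")
    limit, warn, crit = (int(v) for v in argv[2:])  # int() rejects non-numeric text
    if not (0 < limit <= 10000 and 0 < warn < crit):  # 10000 is an assumed cap
        raise ValueError("thresholds out of range")
    return api, resource, limit, warn, crit

def evaluate(api, resource, delays_ms, warn, crit):
    """Map the average delay to a Nagios status code and status line with perfdata."""
    if not delays_ms:
        return UNKNOWN, "UNKNOWN - no samples for %s/%s" % (api, resource)
    avg = sum(delays_ms) / len(delays_ms)
    code = CRITICAL if avg >= crit else WARNING if avg >= warn else OK
    label = ("OK", "WARNING", "CRITICAL")[code]
    return code, "%s - %s/%s avg delay %.1fms | delay=%.1fms;%d;%d" % (
        label, api, resource, avg, avg, warn, crit)

def run(argv, fetch):
    """Plugin entry point; fetch(api, resource, limit) returns delays in ms."""
    try:
        api, resource, limit, warn, crit = parse_args(argv)
    except ValueError:
        return UNKNOWN, "UNKNOWN - invalid arguments"  # raw input is never echoed
    try:
        delays = fetch(api, resource, limit)
    except Exception:
        return UNKNOWN, "UNKNOWN - delay query failed"  # failure must not read as OK
    return evaluate(api, resource, delays, warn, crit)

def constructed_fetch(api, resource, limit):
    """Constructed sample data standing in for the Elasticsearch query."""
    return [90, 120, 135][:limit]

if __name__ == "__main__":
    status, line = run(sys.argv[1:], constructed_fetch)
    print(line)
    sys.exit(status)
```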