I’m evaluating the gelf writer to graylog 3.x and it works basically, but I don’t want to store every check result in my elasticsearch backend.
Is there a way to filter out specific events on the icinga side or do I have to filter out the unwanted messages on the graylog side?
Also there was a config option for HA in the docu, but icinga (2.10.5) does not accept it.
Docu-bug? Even without this option there are no doubled messages
I’m using some custom vars within Icinga like location, host type and role.
It would be nice to send these additional tags to Graylog - maybe in a way like
the influxdb writer offers. Feature request?!
Are there any plans to realize a writer for message brokers (MQTT,…)?
Other systems like umbrella management systems could subscribe to state changes or alerts
without need to send them out individually to each of them.
Not at the moment, since you can consume the API event stream with a small middleware daemon by yourself which then publishes to MQTT and other bus systems.