ELK & Nagios Part 2: How to get your logs from Redis to Elasticsearch

In the last part we collected the application logs and transferred them to Redis, our high performance messaging queue.

In this part we want to get the logs/messages out of Redis, filter them, cut them in pieces/fields and finally transfer them to our index database Elasticsearch.

We will use Logstash to normalize and enrich our data and to parse it to Elasticsearch.

To get the data out of Redis, we have to define an input plugin, fortunately Logstash comes with an input plugin for Redis, we just have to point it to the Redis server/container and the used Redis port: Read more

ELK & Nagios Part1: How to get your Application Logs to Redis


The easiest way to collect your Application logs (WebSphere, TDI, DB2…) from your servers and send them to Logstash for processing is to use Filebeat as shipper.

Filebeat gives you the possibilty to output your logs directly to Logstash but I prefer to send them first to a message broker. Reason for this is that the message broker can store all messages even if logstash isn’t available and therefore acts as a perfect buffer. Read more

Monitor WebSphere with ELK and Nagios

Worked a lot with the ELK stack for log management and Nagios for system monitoring in the last months and like both solutions a lot.

They are very flexible and customizable to match almost every customer environment. So the natural next step was to combine both solutions to build a very powerful system monitoring and management solution for WebSphere servers (IBM Connections/IBM Sametime).


Read more

managed-settings.xml issue after IBM Sametime 9 upgrade

I manage all our Sametime client settings through managed-settings.xml and I love the simplicity.

But recently I updated our IBM Sametime environment to Version 9 and the managed settings stopped working.

So I enabled the debugging parameters in rcpinstall.properties and looked at the trace:

"org.xml.sax.SAXParseException: Premature end of file."

Mhmh, not very specific, sounds like a prob with the xml but I used the same xml without any problems with version 8.5.1

So I checked to open the file via Webbrowser, worked. As this wasn’t my first issue after the upgrade I was just about to change my job and become a gardener. OK, I opened up my webbrowser for a last time and wanted to check the settings again when a green light enlightened me:

Screen 2013-10-25 at 09.58.52


Oh man, of course, I enabled “Redirect TCP to SSL” after the upgrade but forgot to change the “Sametime update site URL” accordingly. The browser has no issue with the http link and just was redirected to https, but the Notes/Sametime client doesn’t like this and throws the error.

Guess what, changing the link to https solved the issue, happy bunny 🙂

Change default SIP listening port – IBM Sametime Client

Quick tip.

Want  to change the default SIP listening port of your IBM Sametime Client? Browse to
and open preferences.ini.

In there you will find:

# Default SIP Preferences


Change listening port, restart Notes, done.

Thanks to Claudio for providing me this info!