Hi, all.
After dist upgrade from Ubuntu 12.04 to 14.04 syslog messages from cisco IOS devices became empty. There is a similar thread/bug:
http://jira.observium.org/browse/OBSERVIUM-850 http://postman.memetic.org/pipermail/observium/2014-August/007527.html
We’ve managed to work around it by changing:
template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n")
to:
template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||:: : :: $MSG||$PROGRAM\n")
in syslog config.
For the developers: it happened after update of syslog/php to 3.5.3-1 [@9695e81] / PHP 5.5.9-1ubuntu4.3 from whatever was current on Ubuntu 12.04 LTS , worked fine before that.
Also, the data examplesyslog sends to the script is:
10.x.x.x||local7||notice||notice||bd||2014-08-19 20:21:10||%SYS-5-CONFIG_I: Configured from console by xx on vty3 (10.x.x.xx)||BST
Hope this helps! Pav
Pavelas Sokolovas Custodian Data Centre Email: ps@CustodianDC.com http://www.CustodianDC.com