On 22.01.2015 11:13, Patrick Marquetecken wrote:
Mike,
here is my rsyslog.conf
# Provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
# Provides TCP syslog reception #$ModLoad imtcp #$InputTCPServerRun 514
So I only going to receive UDP messages as said in the wiki setup
[root@mon-02 ~]# ls /etc/rsyslog.d/ 30-observium.conf
#--------------------------------------------------------- #send remote logs to observium
$template observium,"%fromhost-ip%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timereported:8:25%||%msg%||%programname%\n"
$ModLoad omprog $ActionOMProgBinary /opt/observium/syslog.php
:inputname, isequal, "imudp" :omprog:;observium
& ~ #---------------------------------------------------------
Check that your server really receives any syslog messages over UDP:
$ sudo tcpdump -n 'proto UDP and port 514'
Mike Stupalov schreef op 22/01/15 om 09:04:
In DB are stored syslog entries only from remote devices (udp), not from local system.
On Thu, Jan 22, 2015 at 10:36 AM, Patrick Marquetecken <patrick@marquetecken.be mailto:patrick@marquetecken.be> wrote:
Hi All, I'm having trouble to get the rsyslog working. I have followed the guide http://www.observium.org/wiki/Rsyslog_Syslog_Server but used the %fromhost-ip% . And rebooted rsyslog service. When I do a tail of /var/log/messages (i'm using a centos 6.4) I see the log files from my others server coming in, but none is going to the database. Jan 22 08:31:12 smtp postfix/anvil[6320]: Jan 22 08:27:38 app-05 postfix/postqueue[28297]: Jan 22 08:31:24 db-02 postfix/postqueue[25382]: Jan 22 07:52:56 fw-01 postfix/postqueue[18540]: Jan 22 08:31:36 proxy-01 postfix/postqueue[16781]: Jan 22 08:31:40 app-01 postfix/postqueue[17602]: Jan 22 08:31:39 db-01 postfix/postqueue[17506]: Jan 22 08:28:06 voip-02 postfix/postqueue[29870]: Jan 22 08:27:48 nas-02 postfix/postqueue[30007]: config.php $config['enable_syslog'] = 1; $config['syslog']['fifo'] = FALSE; $config['syslog']['debug'] = TRUE; syslog.php logfile('logs/debug.log', $line); debug.log This file stays empty unless i run syslog.php at hand then I see this: [2015/01/20 17:03:31 +0100] syslog.php(15435): Can someone please advice to get this working. Thanks _______________________________________________ observium mailing list observium@observium.org <mailto:observium@observium.org> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium-- Mike Stupalov http://observium.org/
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium