Mike,Check that your server really receives any syslog messages over UDP:
here is my rsyslog.conf
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
So I only going to receive UDP messages as said in the wiki setup
[root@mon-02 ~]# ls /etc/rsyslog.d/
30-observium.conf
#---------------------------------------------------------
#send remote logs to observium
$template observium,"%fromhost-ip%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timereported:8:25%||%msg%||%programname%\n"
$ModLoad omprog
$ActionOMProgBinary /opt/observium/syslog.php
:inputname, isequal, "imudp" :omprog:;observium
& ~
#---------------------------------------------------------
Mike Stupalov schreef op 22/01/15 om 09:04:
In DB are stored syslog entries only from remote devices (udp), not from local system.
On Thu, Jan 22, 2015 at 10:36 AM, Patrick Marquetecken <patrick@marquetecken.be> wrote:
Hi All,
I'm having trouble to get the rsyslog working.
I have followed the guide http://www.observium.org/wiki/Rsyslog_Syslog_Server but used the %fromhost-ip% .
And rebooted rsyslog service.
When I do a tail of /var/log/messages (i'm using a centos 6.4) I see the log files from my others server coming in, but none is going to the database.
Jan 22 08:31:12 smtp postfix/anvil[6320]:
Jan 22 08:27:38 app-05 postfix/postqueue[28297]:
Jan 22 08:31:24 db-02 postfix/postqueue[25382]:
Jan 22 07:52:56 fw-01 postfix/postqueue[18540]:
Jan 22 08:31:36 proxy-01 postfix/postqueue[16781]:
Jan 22 08:31:40 app-01 postfix/postqueue[17602]:
Jan 22 08:31:39 db-01 postfix/postqueue[17506]:
Jan 22 08:28:06 voip-02 postfix/postqueue[29870]:
Jan 22 08:27:48 nas-02 postfix/postqueue[30007]:
config.php
$config['enable_syslog'] = 1;
$config['syslog']['fifo'] = FALSE;
$config['syslog']['debug'] = TRUE;
syslog.php
logfile('logs/debug.log', $line);
debug.log
This file stays empty unless i run syslog.php at hand then I see this:
[2015/01/20 17:03:31 +0100] syslog.php(15435):
Can someone please advice to get this working.
Thanks
_______________________________________________
observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
--
Mike Stupalov
http://observium.org/
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
-- Mike Stupalov http://observium.org