26 Apr
2018
26 Apr
'18
7:55 a.m.
Hi,
thx, pls disable send syslog messages now (to my dev). :)
Restart rsyslog was fixed your issue? (Probably in stable still not fixed issue with reload syslog rules dinamically).
Rami Kytölä wrote:
Hi,
- We are using the current stable subscription edition
- We have tried restarting rsyslog
- We are using version 8.16.0
- This has been now enabled
- Are you seeing the incoming syslogs?
- This device is HP Procurve
Ramiky
*Lähettäjä:*Mike Stupalov [mailto:mike@stupalov.ru] *Puolesta *Mike Stupalov *Lähetetty:* keskiviikko 25. huhtikuuta 2018 23:14 *Vastaanottaja:* Observium observium@observium.org; Rami Kytölä Rami.Kytola@seutupalvelukeskus.fi *Aihe:* Re: [Observium] Syslog rules
Hi,
- which observium version you use?
- try restart rsyslog system service (this issue can happen on some
older observium versions).
- please enable (if possible) temporary send syslog messages from device (iso.tk-sw2 or kau or similar) to my dev server:
77.222.50.30 (I will improve syslog message parsing for it) 4. which os on this devices?
Rami Kytölä <mailto:Rami.Kytola@seutupalvelukeskus.fi> 25 April 2018 at 22:11 Hi, Yeap, but the port rule is not working currently. We get about 2k port syslog-messages per/day. Is there a way to diagnose why the rules are not working? --------------------------------------------------- Ramiky ----------------------------------------------------- ________________________________________ Lähettäjä: observium <observium-bounces@observium.org> <mailto:observium-bounces@observium.org> käyttäjän puolestaAdam Armstrong <adama@memetic.org> <mailto:adama@memetic.org> Lähetetty: 25. huhtikuuta 2018 18:31 Vastaanottaja: Observium Aihe: Re: [Observium] Syslog rules There's no reason /port/ wouldn't work. The others probably don't work though, because you need to escape the spaces. adam. On 2018-04-25 15:14, Rami Kytölä wrote: > Hi, > > Is there a way to get Syslog rules/alerts to work? > > Syslogs are configured and are populating database: > > Syslogs are also linked to correct devices with correct priorities. > > We have set-up few rules: > > But if I try with our test rule: > > Then if I search from the syslog: > > --------------------------------------------------- > > Ramiky > > ----------------------------------------------------- > _______________________________________________ > observium mailing list > observium@observium.org <mailto:observium@observium.org> > http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org <mailto:observium@observium.org> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org <mailto:observium@observium.org> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium Adam Armstrong <mailto:adama@memetic.org> 25 April 2018 at 18:31 There's no reason /port/ wouldn't work. The others probably don't work though, because you need to escape the spaces. adam. _______________________________________________ observium mailing list observium@observium.org <mailto:observium@observium.org> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium Rami Kytölä <mailto:Rami.Kytola@seutupalvelukeskus.fi> 25 April 2018 at 17:14 Hi, Is there a way to get Syslog rules/alerts to work? Syslogs are configured and are populating database: Syslogs are also linked to correct devices with correct priorities. We have set-up few rules: But if I try with our test rule: Then if I search from the syslog: --------------------------------------------------- Ramiky ----------------------------------------------------- _______________________________________________ observium mailing list observium@observium.org <mailto:observium@observium.org> http://postman.memetic.org/cgi-bin/mailman/listinfo/observium-- Mike Stupalov Observium Limited, http://observium.org
--
Mike Stupalov
Observium Limited, http://observium.org
