Hi,
1. which observium version you use? 2. try restart rsyslog system service (this issue can happen on some older observium versions).
3. please enable (if possible) temporary send syslog messages from device (iso.tk-sw2 or kau or similar) to my dev server: 77.222.50.30 (I will improve syslog message parsing for it) 4. which os on this devices?
Rami Kytölä mailto:Rami.Kytola@seutupalvelukeskus.fi 25 April 2018 at 22:11 Hi,
Yeap, but the port rule is not working currently. We get about 2k port syslog-messages per/day. Is there a way to diagnose why the rules are not working?
[pastedImage.png]
Ramiky
Lähettäjä: observium observium-bounces@observium.org käyttäjän puolestaAdam Armstrong adama@memetic.org Lähetetty: 25. huhtikuuta 2018 18:31 Vastaanottaja: Observium Aihe: Re: [Observium] Syslog rules
There's no reason /port/ wouldn't work.
The others probably don't work though, because you need to escape the spaces.
adam.
On 2018-04-25 15:14, Rami Kytölä wrote:
Hi,
Is there a way to get Syslog rules/alerts to work?
Syslogs are configured and are populating database:
Syslogs are also linked to correct devices with correct priorities.
We have set-up few rules:
But if I try with our test rule:
Then if I search from the syslog:
Ramiky
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium Adam Armstrong mailto:adama@memetic.org 25 April 2018 at 18:31 There's no reason /port/ wouldn't work.
The others probably don't work though, because you need to escape the spaces.
adam.
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium Rami Kytölä mailto:Rami.Kytola@seutupalvelukeskus.fi 25 April 2018 at 17:14
Hi,
Is there a way to get Syslog rules/alerts to work?
Syslogs are configured and are populating database:
Syslogs are also linked to correct devices with correct priorities.
We have set-up few rules:
But if I try with our test rule:
Then if I search from the syslog:
Ramiky
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
