Hi Adam,

I guess I misunderstood the webpage http://docs.observium.org/syslog/.

It’s either rsyslog v8 and later, rsyslog v7 and earlier or syslog-ng.

I am using rsyslog 8.16.0 and followed instruction from http://docs.observium.org/syslog/.

I configured a syslog event forwarder on a windows server

I am still having a message on the Syslog page saying No syslog entries found.

Check that the syslog daemon and Observium configuration options are set correctly.

Thanks for your help

From: observium [mailto:observium-bounces@observium.org] On Behalf Of Adam Armstrong
Sent: Wednesday, October 18, 2017 10:40 PM
To: observium@observium.org
Subject: Re: [Observium] Syslog Integration

https://github.com/balabit/syslog-ng-3.5/blob/master/debian/syslog-ng.conf.example

adam.

Adam Armstrong

CEO & Lead Architect

Observium Limited

On 2017-10-18 20:53:58, Philippe Hurtubise <philippe.hurtubise@autolog.com> wrote:

Hi,

I am trying to configure syslog integration to send syslog from Windows server to Obeservium.

I followed instruction on this page http://docs.observium.org/syslog/.

But at the bottom of the page I am not sure what to do.

Syslog-ng

Make sure these options are set :

options {

    chain_hostnames(0);

    keep_hostname(1);

    use_dns(no);

};

Use this as destination in syslog-ng.conf, change syslog.php path to match yours

source s_net {

    udp();

};

destination d_observium {

    program("/opt/observium/syslog.php" template ("$HOST||$FACILITY||$LEVEL_NUM||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n") template-escape(yes));

};

log {

    source(s_net);

    destination(d_observium);

};

Where do I add options mentioned, where is the syslog-ng.conf file and where do I add sources section.

Thanks