On 11/27/2012 12:47 PM, Stefan Milo wrote:
I really like the look and feel of observium, and I would like it to replace my existing MRTG installation... However, I don't want to do the migration before I know if syslog is working or not.
I'm running these tests on virtual machines. Everything is working regarding to snmp/graphing. The poller works smoothly, the graphs are pretty. I love it.
The syslog server is working. It's receiving both internal and external input from my different devices. But can observium only receive logs from devices that are defined in it's database? I was hoping to have observium do graphing for all of my switches, and also be an independent syslog server for my esx servers and firewalls. I thought the syslog option would just parse the input in the syslog file to the web interface? Is there a way to make it parse all input from the syslog server?
I'm not looking for something like logzilla or anything. Just a simple way to display the syslogs in a web-gui, and since observium has the option it would be nice to have 1 server doing those tasks.
.stefan
Syslog working in observium. We enable logging on Ubuntu 12.04 with rsyslog. Mini HOWTO.
For enable remote logging in rsyslog uncomment lines in /etc/rsyslog.conf: #$ModLoad imudp #$UDPServerRun 514
For redirect logs to observium create file /etc/rsyslog.d/30-observium.conf with text: #--------------------------------------------------------- #send remote logs to observium
$template observium,"%fromhost%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timereported:8:25%||%msg%||%programname%\n " $ModLoad omprog $ActionOMProgBinary /opt/observium/syslog.php
:source, !isequal, "stat" :omprog:;observium
& ~ #---------------------------------------------------------
This enable module omprog, set $template like syslong-ng and redirect output to syslog.php
Then restart rsyslog: $ sudo service rsyslog restart
Now just have to adjust the equipment to send syslog to observium.
Fra: observium-bounces@observium.org [observium-bounces@observium.org] På vegne af Tom Laermans [tom.laermans@powersource.cx] Sendt: 27. november 2012 09:35 Til: Observium Network Observation System Emne: Re: [Observium] can't get syslog working
Hi,
On 26/11/2012 20:11, Stefan Milo wrote:
i tried 2 different daemons because i DID follow the documentation.
first i did the install following this guide: http://www.observium.org/wiki/Installation
This does not document syslog :-)
then i enabled syslog in observium according to this: http://www.observium.org/wiki/Configuration_Options#Syslog_Settings
Good. This enables the Observium web interface to show syslog tabs. It does not do anything else.
when the regular rsyslog didn't work i tried this: http://www.observium.org/wiki/Syslog-ng_Syslog_Server
rsyslog can't work, as it is not integrated with Observium. Setting up syslog-ng as the above URL shows
i've tried on debian, ubuntu and centos. still can't get it working. i've searched the mailing lists and google for help. i did everything one is supposed to do before asking for help. :)
You reinstalled Observium on 3 different machines just to see that syslog still doesn't work? You have been busy then... :-) Please describe your setup some more, and what is and is not working... Are the syslog messages of the hosts turning up in the regular syslog files on the Observium host? The hostname the remote devices are sending should match what Observium has in its DB for example. Firewall should hopefully be OK as you got the test message (unless you've got certain subnets open or closed off in there)
Tom
.stefan
Fra: observium-bounces@observium.org [observium-bounces@observium.org] På vegne af Tom Laermans [tom.laermans@powersource.cx] Sendt: 26. november 2012 20:06 Til: Observium Network Observation System Emne: Re: [Observium] can't get syslog working
Hi,
Did you follow the documentation on the website? The fact that you "tried with 2 different daemons" leads me to believe that you didn't...
Tom
Sent from my mobile, please excuse brevity and spelling errors.
----- Reply message ----- From: "Stefan Milo" stefan@zendata.dk To: "observium@observium.org" observium@observium.org Subject: [Observium] can't get syslog working Date: Mon, Nov 26, 2012 17:40
Hi
I'm having a hard time getting syslog to work.
I've enabled the syslog menu in config.php by inserting "$config['enable_syslog'] = 1;"
Ive tried using both rsyslog and syslog-ng. But the syslog menu in observium is just blank?
The syslog server is working and receiving info on udp port 514. 2012 Nov 26 17:35:36 10.0.0.33 Address=10.0.0.253 This is a test message generated by Kiwi SyslogGen
Any advice?
BR
Stefan Milo Noobie Observium User _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium