Hi
It happened again and I actually had some free time in the calendar, so I gave it a go.
In the /etc/rsyslog.d/30-observium there is this:
# observium RuleSets ruleset(name="observium") { action(type="omprog" binary="/opt/observium/syslog.php" template="observium") stop }
I have changed it to this:
ruleset(name="observium") { if $syslogseverity <= '5' then action(type="omprog" binary="/opt/observium/syslog.php" template="observium") stop }
As one can probably glean from the stuff above, this filters out severity 6 (informational) and 7 (debug). Saving us from millions of rows added to the syslog table daily.
Lars
From: Lars Joergensen via observium observium@lists.observium.org Sent: 13. januar 2023 19:49 To: Observium observium@observium.org Cc: Lars Joergensen DKLARJ@chr-hansen.com Subject: [Observium] Ignore priority 7 syslog
Hi
Some unfortunate soul enabled BGP debugging on a device and then forgot all about it.
I'm now trying to delete 76 million records from the syslog database..
Is there a way to ignore syslog messages with priority 7 in the syslog import in Observium? It'll probably happen again someday.
Lars ________________________________ Disclaimer: This e-mail, including any attachments, is for the intended recipient only. If you have received this e-mail by mistake please notify the sender immediately by return e-mail and delete this e-mail and any attachments, without opening the attachments, from your system. Access, disclosure, copying, distribution or reliance on any part of this e-mail by anyone else is prohibited. This e-mail is confidential and may be legally privileged. Chr. Hansen does not represent and/or warrant that the information sent and/or received by or with this e-mail is correct and does not accept any liability for damages related thereto. https://www.chr-hansen.com/en/legal-notice ________________________________ Disclaimer: This e-mail, including any attachments, is for the intended recipient only. If you have received this e-mail by mistake please notify the sender immediately by return e-mail and delete this e-mail and any attachments, without opening the attachments, from your system. Access, disclosure, copying, distribution or reliance on any part of this e-mail by anyone else is prohibited. This e-mail is confidential and may be legally privileged. Chr. Hansen does not represent and/or warrant that the information sent and/or received by or with this e-mail is correct and does not accept any liability for damages related thereto. https://www.chr-hansen.com/en/legal-notice