Hi,

This is rsyslog specific, not Observium specific.

If you want your rsyslog back to the original state, undo the changes you made.

Thanks, adam.

Adam Armstrong CEO & Lead Architect Observium Limited On 2017-10-05 13:55:21, Vikas Kumar mailvikasnow@gmail.com wrote:

I have observium CE addition and i recently tried for syslog integration on it as given here http://docs.observium.org/syslog/ [http://docs.observium.org/syslog/] I am able to see syslog messages in observium UI but unfortunately my syslog messages of observium machine itself are not getting logged to /var/log/syslog . please some one help me here. These are my configuration files as attached with this post /etc/rsyslog.conf ################# $ModLoad imudp $UDPServerRun 514 module(load="imuxsock") # provides support for local system logging module(load="imklog") # provides kernel logging support #module(load="immark") # provides --MARK-- message capability # provides UDP syslog reception #module(load="imudp") #input(type="imudp" port="514") # provides TCP syslog reception #module(load="imtcp") #input(type="imtcp" port="514") # Enable non-kernel facility klog messages $KLogPermitNonKernelFacility on ########################### #### GLOBAL DIRECTIVES #### ########################### # # Use traditional timestamp format. # To enable high precision timestamps, comment out the following line. # $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat # Filter duplicated messages $RepeatedMsgReduction on # # Set the default permissions for all log files. # $FileOwner syslog $FileGroup adm $FileCreateMode 0640 $DirCreateMode 0755 $Umask 0022 $PrivDropToUser syslog $PrivDropToGroup syslog # # Where to place spool and state files # $WorkDirectory /var/spool/rsyslog # # Include all config files in /etc/rsyslog.d/ # $IncludeConfig /etc/rsyslog.d/*.conf $DebugFile /var/log/rsyslogdebug.txt $DebugLevel 1

----------------------------------------------------------------------------------------------------- Another observium config file is located at /etc/rsyslog.d/30-observium.conf at it contains: #--------------------------------------------------------- #send remote logs to observium template(name="observium" type="string" string="%fromhost-ip%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timereported:8:25%||%msg%||%programname%\n") $ModLoad omprog Module (load="imudp") # rsyslog Input Modules input(type="imudp" port="514" ruleset="observium") # rsyslog RuleSets ruleset(name="observium") { action(type="omprog" binary="/opt/observium/syslog.php" template="observium") } *.* stop #--------------------------------------------------------- i have added a new line Module (load="imudp") apart from the original given here at http://docs.observium.org/syslog/ [http://docs.observium.org/syslog/]

But now when i do tail -f /var/log/syslog i get this : Oct 5 15:45:01 testnet-PC CRON[3000]: (root) CMD ( /opt/observium/discovery.php -h new >> /dev/null 2>&1) Oct 5 15:45:01 testnet-PC CRON[3001]: (root) CMD ( /opt/observium/poller-wrapper.py 4 >> /dev/null 2>&1) Oct 5 15:47:19 testnet-PC rsyslogd: [origin software="rsyslogd" swVersion="8.16.0" x-pid="2898" x-info="http://www.rsyslog.com [http://www.rsyslog.com]"] exiting on signal 15. and nothing more events are shown here.

Please someone help how do i get my usual syslog messages back on observium machine.

Thanks

Regards, Vikas kumar IIT Bombay India

--

[http://moodi.org/]

Vikas Kumar | Hospitality & PR Coordinator Mood Indigo, IIT Bombay

+91-9694532954 | mailvikasnow@gmail.com [mailto:mailvikasnow@gmail.com] [Facebook] [https://www.facebook.com/vikas.cse.iitb]

[https://mailtrack.io/] Sent with Mailtrack [https://chrome.google.com/webstore/detail/mailtrack-for-gmail-inbox/ndnaehgp...] _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium