Syslog Integration
Hi, I am trying to configure syslog integration to send syslog from Windows server to Obeservium. I followed instruction on this page http://docs.observium.org/syslog/. But at the bottom of the page I am not sure what to do.
Syslog-ng Make sure these options are set : options { chain_hostnames(0); keep_hostname(1); use_dns(no); };
Use this as destination in syslog-ng.conf, change syslog.php path to match yours source s_net { udp(); };
destination d_observium { program("/opt/observium/syslog.php" template ("$HOST||$FACILITY||$LEVEL_NUM||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n") template-escape(yes)); }; log { source(s_net); destination(d_observium); };
Where do I add options mentioned, where is the syslog-ng.conf file and where do I add sources section.
Thanks
https://github.com/balabit/syslog-ng-3.5/blob/master/debian/syslog-ng.conf.e...
adam.
Adam Armstrong CEO & Lead Architect Observium Limited On 2017-10-18 20:53:58, Philippe Hurtubise philippe.hurtubise@autolog.com wrote: Hi, I am trying to configure syslog integration to send syslog from Windows server to Obeservium. I followed instruction on this page http://docs.observium.org/syslog/ [http://docs.observium.org/syslog/]. But at the bottom of the page I am not sure what to do. Syslog-ng Make sure these options are set : options { chain_hostnames(0); keep_hostname(1); use_dns(no); }; Use this as destination in syslog-ng.conf, change syslog.php path to match yours source s_net { udp(); }; destination d_observium { program("/opt/observium/syslog.php" template ("$HOST||$FACILITY||$LEVEL_NUM||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n") template-escape(yes)); }; log { source(s_net); destination(d_observium); }; Where do I add options mentioned, where is the syslog-ng.conf file and where do I add sources section. Thanks
Hi Adam, I guess I misunderstood the webpage http://docs.observium.org/syslog/. It’s either rsyslog v8 and later, rsyslog v7 and earlier or syslog-ng.
I am using rsyslog 8.16.0 and followed instruction from http://docs.observium.org/syslog/.
I configured a syslog event forwarder on a windows server
I am still having a message on the Syslog page saying No syslog entries found. Check that the syslog daemon and Observium configuration options are set correctly.
Thanks for your help
From: observium [mailto:observium-bounces@observium.org] On Behalf Of Adam Armstrong Sent: Wednesday, October 18, 2017 10:40 PM To: observium@observium.org Subject: Re: [Observium] Syslog Integration
https://github.com/balabit/syslog-ng-3.5/blob/master/debian/syslog-ng.conf.e...
adam.
Adam Armstrong CEO & Lead Architect Observium Limited
On 2017-10-18 20:53:58, Philippe Hurtubise <philippe.hurtubise@autolog.commailto:philippe.hurtubise@autolog.com> wrote: Hi, I am trying to configure syslog integration to send syslog from Windows server to Obeservium. I followed instruction on this page http://docs.observium.org/syslog/. But at the bottom of the page I am not sure what to do.
Syslog-ng Make sure these options are set : options { chain_hostnames(0); keep_hostname(1); use_dns(no); };
Use this as destination in syslog-ng.conf, change syslog.php path to match yours source s_net { udp(); };
destination d_observium { program("/opt/observium/syslog.php" template ("$HOST||$FACILITY||$LEVEL_NUM||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n") template-escape(yes)); }; log { source(s_net); destination(d_observium); };
Where do I add options mentioned, where is the syslog-ng.conf file and where do I add sources section.
Thanks
participants (2)
-
Adam Armstrong -
Philippe Hurtubise