Integration AIX application logs with NLS

This board serves as an open discussion and support collaboration point for Nagios Log Server. NOTE: Nagios Log Server customers should use the Customer Support forum to obtain expedited support.

Integration AIX application logs with NLS

Postby lukedevon » Sat Dec 07, 2019 9:23 pm

Hi,

May I know, is there anyone who has successfully integrated syslog and application logs in AIX operating system with Nagios Log Server?

Currently, AIX syslog has configured for port 514 for a different remote log collector.

But I wanna forward AIX application logs to port 5544 in Nagios Log Server. I tried so many ways but none of methods were successful.

Finally I found this tool, and it works in AIX.
https://github.com/didfet/logstash-forwarder-java

But it requires so many customization as it has introduced some restrictions. In my environment,
1. I want to push multiple application logs , around 10 no.of logs
2. It should be able to configure TCP connection
3. There shouldn't be a limitation of file size.

Please help me if anyone has done the correct integration AIX application logs with NLS.

Thank you
Luke.
lukedevon
 
Posts: 128
Joined: Sat Mar 24, 2018 9:15 am

Re: Integration AIX application logs with NLS

Postby mbellerue » Mon Dec 09, 2019 2:24 pm

In your previous setup, were you just using rsyslog to push logs to the other server on port 514?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
mbellerue
 
Posts: 1181
Joined: Fri Jul 12, 2019 11:10 am

Re: Integration AIX application logs with NLS

Postby lukedevon » Mon Dec 09, 2019 8:55 pm

Hi,

Thank you for the reply. Actually AIX doesn't have rsyslog installed and the current syslog uses to send those audit logs to a different log collecting platform. It uses port 514.

In this environment, we have to use different port like port 5544 to send those application logs to NLS . This is the only solution we have now .

Br
Luke.
lukedevon
 
Posts: 128
Joined: Sat Mar 24, 2018 9:15 am

Re: Integration AIX application logs with NLS

Postby mbellerue » Tue Dec 10, 2019 4:24 pm

One thing you might try is just copying the Syslog input that comes with Log Server, and having the copy listen on port 514. Then you could point syslog on AIX to your log server at port 514, and Log Server should start collecting the logs.

Do note that there is additional work to be done in order to listen on privileged ports (ports lower than 1024). This document should guide you through that process.
https://assets.nagios.com/downloads/nag ... Server.pdf
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
mbellerue
 
Posts: 1181
Joined: Fri Jul 12, 2019 11:10 am

Re: Integration AIX application logs with NLS

Postby lukedevon » Wed Dec 11, 2019 11:40 pm

Thank you once again for the valuable inputs.
However we have tried that approach also what you have recommended. We tried to forward all the application logs to syslog (/var/log/messages). Didn't work. Means, we tried all possible ways but NLS didn't receive the logs. May be there is some kind of limitations in AIX OS.

Current difficulties are;
1. We are not allow to install any extra packages as the systems are fully optimized for their product . (IBM products)
2. We are not not allow to do any modification for systems settings.

Only positiveness is , we are allowed to install java app/module as java already installed in the AIX nodes. That's why we decided to use that log forwarder. But it seems that also having some restrictions as it requires some customization. We are working on it.

Br
Luke.
lukedevon
 
Posts: 128
Joined: Sat Mar 24, 2018 9:15 am

Re: Integration AIX application logs with NLS

Postby mbellerue » Thu Dec 12, 2019 1:55 pm

Here is a document on modifying the syslog service on AIX. In here is information on configuring syslog message to a remote log service.
http://aix4admins.blogspot.com/2016/09/ ... built.html

If you are not allowed to reconfigure syslog, and you are not allowed to install additional packages, then it may not be possible to capture the logs from this server. Nagios Log Server cannot reach out to a server and grab its logs, Log Server can only receive the logs.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.

Be sure to check out our Knowledgebase for helpful articles and solutions!
User avatar
mbellerue
 
Posts: 1181
Joined: Fri Jul 12, 2019 11:10 am


Return to Nagios Log Server

Who is online

Users browsing this forum: No registered users and 2 guests