Problem receiving different logs from same IP

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
uma K
Posts: 63
Joined: Tue Feb 14, 2017 12:41 pm

Problem receiving different logs from same IP

Post by uma K »

Team,
Currently I would like to receive logs from same IP address through different ports in LINUX. I am able to receive only TEST1.out logs. Please advise

99-nagioslogserver.conf:

$ModLoad imfile
$InputFilePollInterval 10
$PrivDropToGroup adm
$WorkDirectory /var/spool/rsyslog
# Input for test1.out
$InputFileName /var/lib/logs/test1.out
$InputFileTag test1_out:
$InputFileStateFile state-test1_out # Must be unique for each file being polled
# Uncomment the folowing line to override the default severity for messages from this file.
#$InputFileSeverity info
$InputFilePersistStateInterval 2000
$InputRunFileMonitor
# Forward to Nagios Log Server and then discard, otherwise these messages will end up in the syslog file (/var/log/messages) unless there are other overriding rules.
if $programname == 'test1_out' then @@***.***.***.**:5550
if $programname == 'test1_out' then ~

# Input for test2_out:
$InputFileName /var/lib/logs/test2.out
$InputFileTag test2_out:
$InputFileStateFile state-test2_out # Must be unique for each file being polled
# Uncomment the folowing line to override the default severity for messages from this file.
#$InputFileSeverity info
$InputFilePersistStateInterval 2000
$InputRunFileMonitor
# Forward to Nagios Log Server and then discard, otherwise these messages will end up in the syslog file (/var/log/messages) unless there are other overriding rules.
if $programname =='test2_out' then @@***.***.***.**:5551
if $programname =='test2_out' then ~
Top
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Problem receiving different logs from same IP

Post by mcapra »

Can you share the output of the following commands executed from the CLI of your Nagios Log Server machine:

Code: Select all

netstat -an | grep 5550
netstat -an | grep 5551
iptables -S
grep '' /usr/local/nagioslogserver/logstash/etc/conf.d/*
Former Nagios employee
https://www.mcapra.com/
Top
uma K
Posts: 63
Joined: Tue Feb 14, 2017 12:41 pm

Re: Problem receiving different logs from same IP

Post by uma K »

I have attached the outputs
You do not have the required permissions to view the files attached to this post.
Top
uma K
Posts: 63
Joined: Tue Feb 14, 2017 12:41 pm

Re: Problem receiving different logs from same IP

Post by uma K »

I am able to see that my port is established in logstash. and please find the requested output attached herewith.

Thanks
You do not have the required permissions to view the files attached to this post.
Top
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: Problem receiving different logs from same IP

Post by rkennedy »

Do you see anything shown in a tcpdump about data being received?
Former Nagios Employee
Top
tmcdonald
Posts: 9117
Joined: Mon Sep 23, 2013 8:40 am

Re: Problem receiving different logs from same IP

Post by tmcdonald »

Just checking in since we have not heard from you in a while. Did @rkennedy's post clear things up or has the issue otherwise been resolved?
Former Nagios employee
Top
uma K
Posts: 63
Joined: Tue Feb 14, 2017 12:41 pm

Re: Problem receiving different logs from same IP

Post by uma K »

Issue is resolved.. Thanks for your support.
Top
Locked

Return to “Nagios Log Server”