Shows Receiving from only 1

[BanditBBS]

So rebuilt my log server(s) for prod usage now. I can clearly see I am receiving logs from 5 different IPs inthe dashboard but the main page says only receiving from 1 source. Am I missing something or did I find a bug?

[jolson]

I am under the impression that where the home screen displays:

Send More Logs - Receiving logs from X hosts

It is parsing the last 1 day of activity for the 'host' field. Have you received logs from more than 1 host in the past 1 day?

[BanditBBS]

I am under the impression that where the home screen displays:

Send More Logs - Receiving logs from X hosts

It is parsing the last 1 day of activity for the 'host' field. Have you received logs from more than 1 host in the past 1 day?

Just the past hour

[jolson]

If you select a log event and press 'Raw', does the 'host' field display properly? Has the field been renamed or anything of that nature?

2015-05-14 13_00_25-Dashboard • Nagios Log Server.png

[BanditBBS]

If you select a log event and press 'Raw', does the 'host' field display properly? Has the field been renamed or anything of that nature?

2015-05-14 13_00_25-Dashboard • Nagios Log Server.png

Looks just like your picture except mine are IPs but at least 3 or 4 different ones between everything I'm receiving.

[jolson]

Bandit,

Are you certain that your timezones are all set up properly on NLS?

Code: Select all

grep timezone /etc/php.ini
date
ls -l /etc/localtime

We include a script that you can use to change your timezone.

Code: Select all

/usr/local/nagioslogserver/scripts/change_timezone.sh -z UTC

The detected amount of 'hosts' isn't guaranteed to be 100% accurate, but it is supposed to increase beyond one. On the backend, NLS is running a simply 24h query for the different 'hosts' that have logged to NLS - the 'host' field is responsible for this generated number.

Let us know if the timezones were incorrect anywhere - thanks!

[BanditBBS]

Code: Select all

[root@iss-chi-nag07 ~]# grep timezone /etc/php.ini
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = America/Chicago
[root@iss-chi-nag07 ~]# date
Thu May 14 16:27:45 CDT 2015
[root@iss-chi-nag07 ~]# ls -l /etc/localtime
-rw-r--r--. 1 root root 3543 Apr 29 17:40 /etc/localtime

Looks proper to me

[Fred Kroeger]

There's another file that you need to update for timezone - /etc/sysconfig/clock
All my logs copied across OK except the Linux server logs which were always 12hrs behind.
Once I updated that config file all logs are received immediately.

Regards.... Fred

[BanditBBS]

There's another file that you need to update for timezone - /etc/sysconfig/clock
All my logs copied across OK except the Linux server logs which were always 12hrs behind.
Once I updated that config file all logs are received immediately.

Regards.... Fred

It is set properly as well, so that's not it

Code: Select all

[jclark@iss-chi-nag07 ~]$ cat /etc/sysconfig/clock
# The time zone of the system is defined by the contents of /etc/localtime.
# This file is only for evaluation by system-config-date, do not rely on its
# contents elsewhere.
ZONE="America/Chicago"

[BanditBBS]

I came in this morning and everything is displaying properly, so can't really test things anymore But at least its working!