Log Source shows different server name in the logs

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Log Source shows different server name in the logs

Post by Sampath.Basireddy »

Hello There,

We are seeing different servers names in the "logsource" field for the same "host".

Please suggest.
Top
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Log Source shows different server name in the logs

Post by cdienger »

Can you share some screenshots of examples? It could be a parsing issue or DNS related - let's also have a look at the logstash config found by going to Admin > Global (All Instances) > Global Config > View > All Files Combined.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Top
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Re: Log Source shows different server name in the logs

Post by Sampath.Basireddy »

Hello @cdienger

Sent you the screenshots via PM and attaching the Global config here.
You do not have the required permissions to view the files attached to this post.
Top
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Log Source shows different server name in the logs

Post by cdienger »

There are issues parsing the data that is coming in and I think it's due to the multiline config for the syslog input. For multiline inputs, try setting up a tcp input instead - see https://support.nagios.com/kb/article/n ... g-727.html
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Top
Locked

Return to “Nagios Log Server”