Hi team,
I was trying to receive rsyslog messages from a linux server using following commands:
[root@client ~]# curl -sS -O http://ip/nagioslogserver/scripts/setup-linux.sh
[root@client ~]# sudo bash setup-linux.sh -s ip -p port
I was following the below document:
https://assets.nagios.com/downloads/nag ... Server.pdf
Now, I am receiving logs but I wanted to stop these logs flowing into Nagios Log Server.
I executed following command to stop these logs:
systemctl stop rsyslog
After executing above command, the logs are still not stopping.
Please suggest the steps for stopping it.
Thanks in advance.
Unable to stop rsyslog logs flowing into Nagios Log Server
-
SuryanuSanyal
- Posts: 22
- Joined: Wed Sep 15, 2021 5:43 am
Re: Unable to stop rsyslog logs flowing into Nagios Log Serv
Hello @SuryanuSanyal
Thanks for reaching out, to stop collecting logs from a source, you will want to do the following:
Thanks,
Perry
Thanks for reaching out, to stop collecting logs from a source, you will want to do the following:
Code: Select all
systemctl stop rsyslog
ls -l /etc/rsyslog.d/ #get list of configs
rm /etc/rsyslog.d/remove_the_config_log_for_the_source_device_found_in_this_directory.conf
systemctl start rsyslog #only if your device requires this service to run
Perry
-
SuryanuSanyal
- Posts: 22
- Joined: Wed Sep 15, 2021 5:43 am
Re: Unable to stop rsyslog logs flowing into Nagios Log Serv
Hi Perry,
Thanks for your input. We used those commands and it stopped.
But there were somethings we observed.
When we ran those commands, the logs stopped coming to Log Server after 2-3 hours approximately.
Also, we were trying to add linux file as log source as per the following documentation:
https://assets.nagios.com/downloads/nag ... Server.pdf
we found that when we run the following command:
echo "This is a test log entry" >> /path/to/file.txt
the logs are coming to the log server as below:
But these logs were getting reflected on the dashboard after 4-5 hours delay(in the timestamp as well).
What could be the reason behind this delay in both the cases when we are stopping the syslogs and receiving the syslogs.
Kindly provide your inputs on this.
Thanks for your input. We used those commands and it stopped.
But there were somethings we observed.
When we ran those commands, the logs stopped coming to Log Server after 2-3 hours approximately.
Also, we were trying to add linux file as log source as per the following documentation:
https://assets.nagios.com/downloads/nag ... Server.pdf
we found that when we run the following command:
echo "This is a test log entry" >> /path/to/file.txt
the logs are coming to the log server as below:
But these logs were getting reflected on the dashboard after 4-5 hours delay(in the timestamp as well).
What could be the reason behind this delay in both the cases when we are stopping the syslogs and receiving the syslogs.
Kindly provide your inputs on this.
You do not have the required permissions to view the files attached to this post.
Re: Unable to stop rsyslog logs flowing into Nagios Log Serv
Hello @SuryanuSanyal
Want to have you check and verify that the date, time, and timezone across the system and configs are set correctly.
Here is a support article that references:
https://support.nagios.com/kb/article/nagios-log-server-cluster-timezone-settings-485.html
Thanks,
Perry
Want to have you check and verify that the date, time, and timezone across the system and configs are set correctly.
Code: Select all
mysql -h 127.0.0.1 -uroot -pnagiosxi -e 'SELECT NOW(); SELECT @@GLOBAL.time_zone, @@SESSION.time_zone;'
date
ls -l /etc/localtime
php -r 'echo date("D M j G:i:s T Y")."\n";'
grep "date.timezone =" /etc/php.ini
grep date.timezone /etc/php.ini
php -r "echo date_default_timezone_get();" #timezone
php -r " echo date('Y-m-d H:i:s');" #date
php -r " echo gmdate('Y-m-d H:i:s');" #time
https://support.nagios.com/kb/article/nagios-log-server-cluster-timezone-settings-485.html
Thanks,
Perry