NLS setup-linux.sh and rsyslogd 5.10.1
-
travishnag1
- Posts: 10
- Joined: Mon Dec 12, 2016 9:51 pm
Re: NLS setup-linux.sh and rsyslogd 5.10.1
Please see attached linux_setup_working.zip
You do not have the required permissions to view the files attached to this post.
Re: NLS setup-linux.sh and rsyslogd 5.10.1
It's probably the initial $ModLoad at the top of the file input config:
I notice all the other ModLoads in the rsyslog 5 configuration are using the full module's name (eg imfile.so). If you're still interested in configuring individual files to ship to Nagios Log Server, I would suggest altering the first line of the generated configuration like so:
And see if that produces different results.
Code: Select all
$ModLoad imfileCode: Select all
$ModLoad imfile.soFormer Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
-
travishnag1
- Posts: 10
- Joined: Mon Dec 12, 2016 9:51 pm
Re: NLS setup-linux.sh and rsyslogd 5.10.1
I would like to get the individual the individual files working. I modified it to imfile.so but unfortunately no change in result.
Re: NLS setup-linux.sh and rsyslogd 5.10.1
From the file setup script, I get the following error message when trying to start rsyslog:
All I had to do was remove that line and everything was gravy. Here's the config I was using to test:
It's also worth mentioning I am sending the files over 2056 as raw tcp rather than trying to send them as a syslog formatted message.
Code: Select all
Dec 21 16:25:03 linux-wr7q rsyslogd: the last error occured in /etc/rsyslog.d/90-nagioslogserver_var_log_weirdlog.log.conf, line 3:"$PrivDropToGroup adm"Code: Select all
$ModLoad imfile
$InputFilePollInterval 10
$WorkDirectory /var/spool/rsyslog
# Input for weirdlog
$InputFileName /var/log/weirdlog.log
$InputFileTag weirdlog:
$InputFileStateFile nls-state-var_log_weirdlog.log # Must be unique for each file being polled
# Uncomment the folowing line to override the default severity for messages
# from this file.
#$InputFileSeverity info
$InputFilePersistStateInterval 20000
$InputRunFileMonitor
# Forward to Nagios Log Server and then discard, otherwise these messages
# will end up in the syslog file (/var/log/messages) unless there are other
# overriding rules.
if $programname == 'weirdlog' then @@192.168.67.4:2056
if $programname == 'weirdlog' then ~
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
-
travishnag1
- Posts: 10
- Joined: Mon Dec 12, 2016 9:51 pm
Re: NLS setup-linux.sh and rsyslogd 5.10.1
I removed 'PrivDropToGroup adm' from the .conf file. It works. Thank you.
Re: NLS setup-linux.sh and rsyslogd 5.10.1
Awesome - are we good to mark this thread as resolved?
Former Nagios Employee
-
travishnag1
- Posts: 10
- Joined: Mon Dec 12, 2016 9:51 pm
Re: NLS setup-linux.sh and rsyslogd 5.10.1
OK to close. Thanks again.