multiple log sources from same device.

[benhank]

Whaddup plAyahs!

I want to set up multiple file sources on my nagios machine. I tried this:

Code: Select all

    curl -s -O http://mi6/nagioslogserver/scripts/setup-linux.sh
    bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/var/nagios.log -t Nagios_Core
	
	bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/var/nagios.debug -t Nagios_CoreDebug
	
	bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/var/perfdata.log -t Nagios_Perfdata
	
	bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/var/npcd.log -t Nagios_NPCD
	
	bash setup-linux.sh -s mi6 -p 5544 -f /var/log/httpd/error_log -t Nagios_Apache
	
	bash setup-linux.sh -s mi6 -p 5544 -f /var/log/httpd/access_log -t Nagios_ACCESS
	
	bash setup-linux.sh -s mi6 -p 5544 -f /var/log/mysqld.log -t Nagios_MYSQLD
	
	bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/etc/nagios.cfg -t Nagios_Config	  

	

but it didn't work. how can I make this happen?

[bdgoecke]

Could you give more detail on what didn't work ?

What OS & OS Version are you trying to send logs from ?

[scottwilkerson]

This certainly should work providing this machine has rsyslog and mi6 is the correct hostname of your log server cluster.

What happens?

[benhank]

Code: Select all

[root@lkennagiost01 ~]# bash setup-linux.sh -s mi6 -p 5544 -f /var/log/httpd/error_log -t Nagios_Apache
Detected rsyslog 5.8.10
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: mi6:5544
Creating /etc/rsyslog.d/90-nagioslogserver_var_log_httpd_error_log.conf...
SELinux is disabled.
ERROR: rsyslog configuration check failed.
[root@lkennagiost01 ~]# bash setup-linux.sh -s mi6 -p 5544 -f /var/log/httpd/access_log -t Nagios_ACCESS
Detected rsyslog 5.8.10
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: mi6:5544
Creating /etc/rsyslog.d/90-nagioslogserver_var_log_httpd_access_log.conf...
SELinux is disabled.
ERROR: rsyslog configuration check failed.
[root@lkennagiost01 ~]# bash setup-linux.sh -s mi6 -p 5544 -f /var/log/mysqld.log -t Nagios_MYSQLD
Detected rsyslog 5.8.10
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: mi6:5544
Creating /etc/rsyslog.d/90-nagioslogserver_var_log_mysqld.log.conf...
SELinux is disabled.
ERROR: rsyslog configuration check failed.
[root@lkennagiost01 ~]# bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/etc/nagios.cfg -t Nagios_Config
Detected rsyslog 5.8.10
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: mi6:5544
Creating /etc/rsyslog.d/90-nagioslogserver_usr_local_nagios_etc_nagios.cfg.conf...
SELinux is disabled.
ERROR: rsyslog configuration check failed.
[root@lkennagiost01 ~]# bash setup-linux.sh -s mi6 -p 5544 -f /usr/local/nagios/var/nagios.log -t Nagios_Core
Detected rsyslog 5.8.10
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: mi6:5544
Creating /etc/rsyslog.d/90-nagioslogserver_usr_local_nagios_var_nagios.log.conf...
SELinux is disabled.
ERROR: rsyslog configuration check failed.
[root@lkennagiost01 ~]#

[benhank]

Found it. in

Code: Select all

etc/rsyslogd/

there was a logstash.conf file in the dir deleted it and its all good now