Seperate inputs on same port?
Posted: Tue Feb 24, 2015 4:54 am
Hello,
As I had some issue in the past with date parsing, see thread http://support.nagios.com/forum/viewtop ... t=+parsing , in order to enable our ESXi syslog messages to be processed, I made a separate input for our ESXi server like this:
syslog {
type => 'syslog-esx'
port => 514
}
Now it seems our SAN Brocade switches can also only send on UDP port 514. Is there some way to make a separate input filter for syslog messages retrieved from our Brocade SAN switches without having to change the input filter for our ESXi servers? As I had to spend quite some time to make my ESXi syslog messages get processed, I'd rather not change to much on the existing input above. The input above also easily enables me to see the percentages of messages generated by our ESXi servers.
Grtz
Willem
As I had some issue in the past with date parsing, see thread http://support.nagios.com/forum/viewtop ... t=+parsing , in order to enable our ESXi syslog messages to be processed, I made a separate input for our ESXi server like this:
syslog {
type => 'syslog-esx'
port => 514
}
Now it seems our SAN Brocade switches can also only send on UDP port 514. Is there some way to make a separate input filter for syslog messages retrieved from our Brocade SAN switches without having to change the input filter for our ESXi servers? As I had to spend quite some time to make my ESXi syslog messages get processed, I'd rather not change to much on the existing input above. The input above also easily enables me to see the percentages of messages generated by our ESXi servers.
Grtz
Willem