Page 1 of 1
output log to another log server
Posted: Tue Sep 08, 2015 9:04 pm
by pccwglobalit
we have setup all hosts to transfer the log to nagioslogserver. however, we also need forward all the log to another syslog servers. will that be possible?
Re: output log to another log server
Posted: Tue Sep 08, 2015 10:21 pm
by Box293
pccwglobalit wrote:we have setup all hosts to transfer the log to nagioslogserver.
How are they forwarding the logs to Nagios Log Server? Are these windows or linux servers?
Re: output log to another log server
Posted: Wed Sep 09, 2015 2:13 am
by pccwglobalit
Hi,
We want to forward the logs from Nagios log server to other syslog server, here is the similar thread -
https://support.nagios.com/forum/viewto ... 37&t=32145
but not sure how to get it added to the config, get we ask Nagios?
output {
syslog {
appname => 'XXXGlobal-IT'
codec => 'plain'
facility => 'syslogd'
host => 192.168.1.23
msgid => 'nls3'
port => '514'
procid => '-'
protocol => 'udp'
rfc => 'rfc3164'
severity => 'informational'
sourcehost => '%{host}'
tag => 'XXXGlobal-IT'
workers => '5'
}
}
Gives this error
{:timestamp=>"2015-09-08T18:18:26.654000+0000", :message=>"The error reported is: \n Couldn't find any output plugin named 'syslog'. Are you sure this is correct? Trying to load the syslog output plugin resulted in this error: no such file to load -- logstash/outputs/syslog"}
Any idea?
Regards,
Vincent
Re: output log to another log server
Posted: Wed Sep 09, 2015 9:18 am
by ssax
Did you install the plugin?
Code: Select all
/usr/local/nagioslogserver/logstash/bin/plugin install logstash-output-syslog
Re: output log to another log server
Posted: Wed Sep 09, 2015 8:36 pm
by pccwglobalit
We need install this plugin on every node?
after install, what output filter we need put?
thanks
Re: output log to another log server
Posted: Thu Sep 10, 2015 7:28 am
by pccwglobalit
we have installed output and apply it.
however, we cannot start logstash.
there is error
TypeError: can't convert nil into String
Re: output log to another log server
Posted: Thu Sep 10, 2015 7:32 am
by pccwglobalit
we are using the following config
syslog {
appname => 'ABCD'
codec => 'plain'
host => '192.168.1.190'
facility => 'syslogd'
port => '514'
protocol => 'udp'
severity => 'informational'
sourcehost => '%{host}'
}
Re: output log to another log server
Posted: Thu Sep 10, 2015 12:21 pm
by jolson
To start with, I'd set up a UDP output, which is more simple to setup and will achieve the same results. The syslog output (if it's anything like the syslog input) may apply a filter before the output of information occurs.
You can send messages compliant with RFC3164 or RFC5424 UDP or TCP syslog transport is supported
Try the following configuration instead:
Code: Select all
udp {
host => '192.168.1.190'
port => '514'
}
This will take all of your information (as it is, after it passes through your inputs/filters) and export it to 192.168.1.190:514 via UDP.
Re: output log to another log server
Posted: Fri Sep 11, 2015 1:48 am
by pccwglobalit
thanks. it is working now.
Re: output log to another log server
Posted: Fri Sep 11, 2015 8:56 am
by hsmith
pccwglobalit wrote:thanks. it is working now.
Are we all right to mark this one resolved and close it?