Rsyslog scripts all wrong
Posted: Tue Oct 20, 2015 5:25 am
Hello,
im trying to setup a Proof of concept solutions with log server. And to that end i was trying to add syslog data from other machines. I pressed the "start sending logs - LINUX SOURCE". And a nice script came to me. I tried that. (nothing worked). The syslog was stoed in the temp directory, but nothing came to the log server. I tried to telnet (with success), so it wasent that. I then tried to do the "manual install" where the setup more in detail. With no success.
I then found out the error. The following line (in both "auto" and "manual" install) is not working for me:
# Remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional NAGIOSLOGSERVER
*.* @@10.231.1.137:5544 # NAGIOSLOGSERVER
If you look into the "template" in /etc/rsyslog.conf you can also se:
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
So this seems right. BUT if i do this:
*.* @10.231.1.137:5544 # NAGIOSLOGSERVER
(deleted one "@") Then things works !!! Im getting data to my log server and all seems well.
I am running RHEL 6
[root@mgt-abc01 rsyslog]# uname -a
Linux mgt-abc01.prod.umit.dk 2.6.32-504.23.4.el6.x86_64 #1 SMP Fri May 29 10:16:43 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@mgt-abc01 rsyslog]# rsyslogd -version
rsyslogd 5.8.10, compiled with:
FEATURE_REGEXP: Yes
FEATURE_LARGEFILE: No
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
Runtime Instrumentation (slow code): No
What do you guys have to say ??? do you have the same problems with the documented syntax ????
//Jan Chu
im trying to setup a Proof of concept solutions with log server. And to that end i was trying to add syslog data from other machines. I pressed the "start sending logs - LINUX SOURCE". And a nice script came to me. I tried that. (nothing worked). The syslog was stoed in the temp directory, but nothing came to the log server. I tried to telnet (with success), so it wasent that. I then tried to do the "manual install" where the setup more in detail. With no success.
I then found out the error. The following line (in both "auto" and "manual" install) is not working for me:
# Remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional NAGIOSLOGSERVER
*.* @@10.231.1.137:5544 # NAGIOSLOGSERVER
If you look into the "template" in /etc/rsyslog.conf you can also se:
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @@remote-host:514
So this seems right. BUT if i do this:
*.* @10.231.1.137:5544 # NAGIOSLOGSERVER
(deleted one "@") Then things works !!! Im getting data to my log server and all seems well.
I am running RHEL 6
[root@mgt-abc01 rsyslog]# uname -a
Linux mgt-abc01.prod.umit.dk 2.6.32-504.23.4.el6.x86_64 #1 SMP Fri May 29 10:16:43 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@mgt-abc01 rsyslog]# rsyslogd -version
rsyslogd 5.8.10, compiled with:
FEATURE_REGEXP: Yes
FEATURE_LARGEFILE: No
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
Runtime Instrumentation (slow code): No
What do you guys have to say ??? do you have the same problems with the documented syntax ????
//Jan Chu
