Hello Nagios LOG support
We tried following LOG wizards (configured rsyslog) to ship application log files of interest to LOG server.
Something does not work for us as expected: we get syslog itself, but not the application logs.
It seems the rsyslog had created new .conf file instead (with configuration, suggested by LOG Wizard)
rsyslog.conf and /etc/rsyslog.d/90-nagioslogserver_opt_alfresco_current_solr.log.conf are attached.
This is RedHat EL 6.x server
What did we do wrong?
- application log entries do not appear in LOG (no matter the queries), only syslog entries (which we do not need)
Difficulty getting applicaiton logs shipped by rsyslog
Difficulty getting applicaiton logs shipped by rsyslog
You do not have the required permissions to view the files attached to this post.
Re: Difficulty getting applicaiton logs shipped by rsyslog
Can we see an example of one of the logs?
Is there anything showing up in /var/log/logstash/logstash.log ?
Is there anything showing up in /var/log/logstash/logstash.log ?
Former Nagios Employee.
me.
me.
Re: Difficulty getting applicaiton logs shipped by rsyslog
Here they are:hsmith wrote:Can we see an example of one of the logs?
Is there anything showing up in /var/log/logstash/logstash.log ?
rsyslog and solr.log (application)
You do not have the required permissions to view the files attached to this post.
-
Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: Difficulty getting applicaiton logs shipped by rsyslog
Looking at your log file:
What happens if you add a test line to the log? Does it get passed to log server?
It does not look like the log has been updated since Mar 26. Is it possible that no logs are being processed because nothing is being logged ?ls -l /opt/alfresco/current/solr.log
-rw------- 1 alfrescoqa alfrescoqa 85281 Mar 26 19:06 /opt/alfresco/current/solr.log
What happens if you add a test line to the log? Does it get passed to log server?
Code: Select all
echo "20:06:33,068 WARN [org.alfresco.solr.tracker.CoreTracker] This is a test." >> /opt/alfresco/current/solr.logAs of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Difficulty getting applicaiton logs shipped by rsyslog
Not that, just an old LOG, let me get never oneBox293 wrote:Looking at your log file:
It does not look like the log has been updated since Mar 26. Is it possible that no logs are being processed because nothing is being logged ?ls -l /opt/alfresco/current/solr.log
-rw------- 1 alfrescoqa alfrescoqa 85281 Mar 26 19:06 /opt/alfresco/current/solr.log
What happens if you add a test line to the log? Does it get passed to log server?
Code: Select all
echo "20:06:33,068 WARN [org.alfresco.solr.tracker.CoreTracker] This is a test." >> /opt/alfresco/current/solr.log
Re: Difficulty getting applicaiton logs shipped by rsyslog
Are there any errors showing up in /var/log/logstash.log during the times that you are expecting these logs to come in?
Former Nagios Employee.
me.
me.
Re: Difficulty getting applicaiton logs shipped by rsyslog
- still to check on this one (tomorrow) since the servers would be vendor-managedhsmith wrote:Are there any errors showing up in /var/log/logstash.log during the times that you are expecting these logs to come in?
Please help to figure something else about this trouble:
The initial configuration:
------------------------------------------------------------------------------------------------
curl -s -O http://logging.konecranes.com/nagioslog ... p-linux.sh
bash setup-linux.sh -s logging.konecranes.com -p 5544
------------------------------------------------------------------------------------------------
- creates "*.* @@logging.konecranes.com:5544" entry in 99-nagioslogserver.conf
While the Linuxfile configurations:
====================================================================
curl -s -O http://logging.konecranes.com/nagioslog ... p-linux.sh
bash setup-linux.sh -s logging.konecranes.com -p 5544 -f "/path/to/file /path/to/another/file/*.log" -t FILE_TAG
====================================================================
- creates "if $programname == 'MYTAG' then @@logging.konecranes.com:5544" entry in daily '90-*.conf' files
So do we need the first entry in 99-nagioslogserver.conf or should we comment it?
Also, if configurations are no longer correct, would deleting these 90-.conf files remove them so that new Linuxfile configuration could be created instead?
Thank you
Re: Difficulty getting applicaiton logs shipped by rsyslog
I've always left both files on all of the servers that I am collection logs from.
You are safe to delete those files and remake them if you wish to as well.
You are safe to delete those files and remake them if you wish to as well.
Former Nagios Employee.
me.
me.
Re: Difficulty getting applicaiton logs shipped by rsyslog
This is now working:hsmith wrote:I've always left both files on all of the servers that I am collection logs from.
You are safe to delete those files and remake them if you wish to as well.
- we have deleted all conf files created previously and only added conf for specific applicaiton log file (path), but not the syslog.
- re-tagged them too
Please close the thread
Re: Difficulty getting applicaiton logs shipped by rsyslog
Closing it up. Thank you!