Page 1 of 1
Multiple conf files created for setup-linux.sh
Posted: Mon Sep 05, 2016 1:54 am
by newmember
I have a folder of files /home/error/
The files all start with CDF.
I have set up a conf file to include the following:
Code: Select all
# Input for OCS_ERROR_TAG
$InputFileName /home/error/CDF.*
When I ran this
Code: Select all
bash setup-linux.sh -s 10.3.1.7 -p 5544 -f "/home/error/CDF.*" -t OCS_ERROR_TAG
It created multiple conf files in /etc/rsyslog.d/ one conf file for each CDF file in the folder
I was thinking that the setup-linux.sh would consume all the CDF files in the folder.
Are there any recommendations?
Thanks
Re: Multiple conf files created for setup-linux.sh
Posted: Tue Sep 06, 2016 1:56 pm
by rkennedy
It really depends on what version of rsyslogd you're running, as prior versions do not support a wildcard in the InputFileName parameter.
http://serverfault.com/questions/500724 ... in-rsyslog
I believe < Version 6 is installed by default with most packages, but you may be able to if you upgrade to rysyslogd 8.5+ as mentioned in the post above. The limitation is on the imfile input not accepting wildcards.
As an alternative, you could setup a CRON to run hourly / daily to create the new rsyslogd config files as needed, which would auto populate new types.
Re: Multiple conf files created for setup-linux.sh
Posted: Tue Sep 06, 2016 2:04 pm
by newmember
Are you referring to the Nagios host for log server OR the client I am pulling the log files form?
I think you are referencing the minor release, not the 5.x ver?
I used the install scripts from the Nagios log server to install.
I think I did an yum update after.
Anyway the current rsyslog is, which I think is greater than the 8.5 you were referencing.
rsyslogd 5.8.10, compiled with:
FEATURE_REGEXP: Yes
FEATURE_LARGEFILE: Yes
GSSAPI Kerberos 5 support: Yes
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
Runtime Instrumentation (slow code): No
Re: Multiple conf files created for setup-linux.sh
Posted: Tue Sep 06, 2016 2:14 pm
by rkennedy
I'm referring to the client system running rsyslog, as that's what's forwarding to NLS.
I am referring to rsyslog as a major version, not a minor version, so you actually have a lesser version. You would need to update to 8.5.
See this link -
http://www.rsyslog.com/downloads/download-other/
Code: Select all
8.5.0 2014-10-24
Sha256: 0d20144be8a5d107a172418b1a39cdd48d7ef921b94e7ea45c58b12bce8caa52
File size: 1.98 MB
Looks like the current version 8.20.0.
Re: Multiple conf files created for setup-linux.sh
Posted: Wed Sep 07, 2016 2:03 am
by newmember
Alright, that did the trick
This was Centos 6.6 so I had to add a newer repro
I cleared the following folders:
/var/lib/rsyslog
/etc/rsyslog.d/
Added back in my conf files with the * wildcard.
restarted rsyslogd
Saw the hash files in /var/lib/rsyslog
Saw in tcpdump some data being sent to the nagios log server
Ill watch for activity tomorrow.
Version now installed:
rsyslogd 8.21.0, compiled with:
PLATFORM: i686-redhat-linux-gnu
PLATFORM (lsb_release -d):
FEATURE_REGEXP: Yes
GSSAPI Kerberos 5 support: No
FEATURE_DEBUG (debug build, slow code): No
32bit Atomic operations supported: Yes
64bit Atomic operations supported: Yes
memory allocator: system default
Runtime Instrumentation (slow code): No
uuid support: Yes
Number of Bits in RainerScript integers: 64
Re: Multiple conf files created for setup-linux.sh
Posted: Wed Sep 07, 2016 9:13 am
by mcapra
Let us know if updating to 8.x was able to satisfy your use case! It might be a bit longer before 8.x is available via apt and yum natively.