hi guys
is there an integration doc for this ?
cheers
arnab
syslog integration
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: syslog integration
Sorry for the delay. There is a
Log Monitoring with Swatch
Also, for windows event logs
Monitoring Windows Event Logs With Nagios XI
Log Monitoring with Swatch
Also, for windows event logs
Monitoring Windows Event Logs With Nagios XI
Re: syslog integration
Hi Scott,
Will this support standard syslog messages from devices like routers and switches ?
Cheers
Arnab
Will this support standard syslog messages from devices like routers and switches ?
Cheers
Arnab
Re: syslog integration
HI Guys,
I have question around the swatch utility is it able to monitor multiple log files? Ideally what I am doing is creating a separate log file per device using syslog-ng and and want swatch to monitor it is this possible ? I am able to monitor 1 file at the moment also would like to run it as service on Centos 6 any ideas how I can set it up?
Thanks Arnab
I have question around the swatch utility is it able to monitor multiple log files? Ideally what I am doing is creating a separate log file per device using syslog-ng and and want swatch to monitor it is this possible ? I am able to monitor 1 file at the moment also would like to run it as service on Centos 6 any ideas how I can set it up?
Thanks Arnab
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: syslog integration
Yes.
From the README file
From the README file
34 Added --tail-program-name and --tail-args command line options. This
35 allows one to use more robust tail commands like GNU tail. Here is
36 how I use it to watch multiple files and not have to worry when they
37 get rotated:
38
39 % swatch --tail-prog=/usr/local/bin/gtail \
40 --tail-args '--follow=name --lines=1' \
41 --tail-file="/var/log/messages /var/log/snort/alert"
Re: syslog integration
Hi guys
I would like to add the documentation isn't very clear I have managed to finally crack I have developed bunch of little scripts that makes this usable I will post this once I get a chance.
Cheers
Arnab
I would like to add the documentation isn't very clear I have managed to finally crack I have developed bunch of little scripts that makes this usable I will post this once I get a chance.
Cheers
Arnab
-
slansing
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: syslog integration
Hello arnab.roy, I have noted that you struggled with the documentation and will have a look at it to see what can be changed! If you are referring to the Read-me and Install files within the swatch zip itself those were not created by us.
Re: syslog integration
The document I think starts at the wrong point, it is not meant for integrating with external syslog messages from a number devices it considers that the logs are already their on the server on which swatch is being run on. Plus the shell script example to send the nsca traps is not entirely correct(I have re-written this in perl). It missed the step where you need to configure the nsca configuration file where you configure the encryption and password. Also swatch doesnt run as a service and doesnt have the service script to add to chkconfig I had to write that to make it run as service in a deamon mode. So their is lots of room for improvement. I am glad I managed to get working it working quiet well for me now.