[HOWTO] Install Syslog 0.5.2 plugin on Linux/Unix Cacti vers

If you figure out how to do something interesting/cool in Cacti and want to share it with the community, please post your experience here.

Moderators: Developers, Moderators

R.Wolff
Posts: 3
Joined: Mon Dec 15, 2008 5:26 am

Post by R.Wolff »

Hello.

For AppAmor, you can edit the syslog/syslog-ng Profile and add
the mysql.pipe file, then everything is also work fine.

Regards,

Rolf
ichtar
Posts: 1
Joined: Fri Mar 06, 2009 11:24 am

Post by ichtar »

hello,

perhaps I'm wrong but syslog-ng conf can be more strait forward with something like that. No pipe needed.
In fact this is the config used in syslog-ng-php from g..gle that I modified

source s_everything { internal(); pipe("/proc/kmsg"); unix-stream("/dev/log"); udp(); };
destination d_mysql {
program("/usr/bin/mysql -usyslog -psyslog syslog_cacti"
template("INSERT INTO syslog_incoming (host, facility, priority, date, time, message)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );\n")
template-escape(yes));
};
log {
source(s_everything);
destination(d_mysql);
};
Palermo
Cacti User
Posts: 87
Joined: Thu Sep 11, 2008 11:48 pm

Post by Palermo »

I`f posted a question here but i moved it to here http://forums.cacti.net/viewtopic.php?t=32774

sorry the mistake :-)
graymunt
Posts: 1
Joined: Wed Nov 11, 2009 4:09 pm

Alert by level

Post by graymunt »

Fantastic add-on... use it for reporting Cisco Port Security incidents... would like to also set alerts by level e.g. alert on all critical events but this doesn't appear to be provided for... is there a simple way of adding this or best to add to wish list for next release?
Owned
Posts: 1
Joined: Fri Jan 29, 2010 7:06 am

Post by Owned »

Hello,

reached this stage, I'm stuck, I can not find the line ...
10. Add the syslog plugin to the $plugins_array in <cacti_path>/include/global.php
At ABOUT line 46; INSERT the following line AFTER the "$plugins[] = 'settings';"

Version Cacti : Version 0.8.7e
syslog : 0.5.2

I unzipped syslog in /var/www/cacti/scripts and I gave the rights to www-data file to syslog...

thanks for help

I use debian lenny


edit : line command :

Code: Select all

 php5 -q /var/www/cacti/scripts/syslog/syslog_process.php

error :
Warning: include(/var/www/cacti/plugins/syslog/config.php): failed to open stream: Aucun fichier ou répertoire de ce type in /var/www/cacti/scripts/syslog/syslog_process.php on line 50

Warning: include(): Failed opening '/var/www/cacti/plugins/syslog/config.php' for inclusion (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/cacti/scripts/syslog/syslog_process.php on line 50

Warning: include(/var/www/cacti/plugins/syslog/functions.php): failed to open stream: Aucun fichier ou répertoire de ce type in /var/www/cacti/scripts/syslog/syslog_process.php on line 51

Warning: include(): Failed opening '/var/www/cacti/plugins/syslog/functions.php' for inclusion (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/cacti/scripts/syslog/syslog_process.php on line 51

Notice: Undefined variable: syslogdb_hostname in /var/www/cacti/scripts/syslog/syslog_process.php on line 54

Notice: Undefined variable: syslogdb_username in /var/www/cacti/scripts/syslog/syslog_process.php on line 54

Notice: Undefined variable: syslogdb_password in /var/www/cacti/scripts/syslog/syslog_process.php on line 54

Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: NO) in /var/www/cacti/scripts/syslog/syslog_process.php on line 54
ls -all /var/www/cacti :
total 860
drwxrwxrwx 12 www-data www-data 4096 jan 29 13:05 .
drwxrwxrwx 4 root root 4096 jan 28 13:49 ..
-rwxrwxrwx 1 www-data www-data 6199 jun 28 2009 about.php
-rwxrwxrwx 1 www-data www-data 4889 jun 28 2009 auth_changepassword.php
-rwxrwxrwx 1 www-data www-data 11818 jun 28 2009 auth_login.php
-rwxrwxrwx 1 www-data www-data 21070 jun 28 2009 cdef.php
drwxrwxrwx 2 www-data www-data 4096 jun 28 2009 cli
-rwxrwxrwx 1 www-data www-data 18329 jun 28 2009 cmd.php
-rwxrwxrwx 1 www-data www-data 6809 jun 28 2009 color.php
-rwxrwxrwx 1 www-data www-data 24595 jun 28 2009 data_input.php
-rwxrwxrwx 1 www-data www-data 35028 jun 28 2009 data_queries.php
-rwxrwxrwx 1 www-data www-data 55797 jun 28 2009 data_sources.php
-rwxrwxrwx 1 www-data www-data 32287 jun 28 2009 data_templates.php
drwxrwxrwx 5 www-data www-data 4096 jun 28 2009 docs
-rwxrwxrwx 1 www-data www-data 5962 jun 28 2009 gprint_presets.php
-rwxrwxrwx 1 www-data www-data 3449 jun 28 2009 graph_image.php
-rwxrwxrwx 1 www-data www-data 11592 jun 28 2009 graph.php
-rwxrwxrwx 1 www-data www-data 7957 jun 28 2009 graph_settings.php
-rwxrwxrwx 1 www-data www-data 17383 jun 28 2009 graphs_items.php
-rwxrwxrwx 1 www-data www-data 37412 jun 28 2009 graphs_new.php
-rwxrwxrwx 1 www-data www-data 57326 jun 28 2009 graphs.php
-rwxrwxrwx 1 www-data www-data 9949 jun 28 2009 graph_templates_inputs.php
-rwxrwxrwx 1 www-data www-data 18482 jun 28 2009 graph_templates_items.php
-rwxrwxrwx 1 www-data www-data 26024 jun 28 2009 graph_templates.php
-rwxrwxrwx 1 www-data www-data 41326 jun 28 2009 graph_view.php
-rwxrwxrwx 1 www-data www-data 5839 jun 28 2009 graph_xport.php
-rwxrwxrwx 1 www-data www-data 55379 jun 28 2009 host.php
-rwxrwxrwx 1 www-data www-data 19364 jun 28 2009 host_templates.php
drwxrwxrwx 2 www-data www-data 4096 fév 11 2009 images
drwxrwxrwx 4 www-data www-data 4096 jan 29 13:26 include
-rwxrwxrwx 1 www-data www-data 2242 jun 28 2009 index.php
drwxrwxrwx 2 www-data www-data 4096 jun 28 2009 install_old
drwxrwxrwx 3 www-data www-data 4096 jun 28 2009 lib
-rwxrwxrwx 1 www-data www-data 15141 oct 31 2007 LICENSE
drwxrwxrwx 2 www-data www-data 4096 jun 28 2009 log
-rwxrwxrwx 1 www-data www-data 2451 jun 28 2009 logout.php
-rwxrwxrwx 1 www-data www-data 4306 jun 28 2009 poller_commands.php
-rwxrwxrwx 1 www-data www-data 2243 jun 28 2009 poller_export.php
-rwxrwxrwx 1 www-data www-data 16325 jun 28 2009 poller.php
-rwxrwxrwx 1 www-data www-data 48 sep 2 2008 README
drwxrwxrwx 5 www-data www-data 4096 oct 31 2007 resource
drwxrwxrwx 2 www-data www-data 4096 jan 26 14:05 rra
-rwxrwxrwx 1 www-data www-data 7088 jun 28 2009 rra.php
drwxrwxrwx 3 www-data www-data 4096 jan 29 12:31 scripts
-rwxrwxrwx 1 www-data www-data 7304 jun 28 2009 script_server.php
-rwxrwxrwx 1 www-data www-data 353 oct 31 2007 script_server.pl
-rwxrwxrwx 1 www-data www-data 4996 jun 28 2009 settings.php
-rwxrwxrwx 1 www-data www-data 5862 jun 28 2009 templates_export.php
-rwxrwxrwx 1 www-data www-data 6543 jun 28 2009 templates_import.php
-rwxrwxrwx 1 www-data www-data 18792 jun 28 2009 tree.php
-rwxrwxrwx 1 www-data www-data 43388 jun 28 2009 user_admin.php
-rwxrwxrwx 1 www-data www-data 64286 jun 28 2009 utilities.php
ls -all /var/www/cacti/scripts/syslog :
total 156
drw-r--r-- 5 www-data www-data 4096 jan 29 12:38 .
drwxrwxrwx 3 www-data www-data 4096 jan 29 12:31 ..
-rw-r--r-- 1 www-data www-data 613 jan 29 12:31 compatibility.php
-rw-r--r-- 1 www-data www-data 2062 jan 29 13:38 config.php
-rw-r--r-- 1 www-data www-data 13858 jan 29 12:31 functions.php
drw-r--r-- 2 www-data www-data 4096 jan 29 12:31 html
drw-r--r-- 2 www-data www-data 4096 jan 29 12:31 images
-rw-r--r-- 1 www-data www-data 44 jan 29 12:31 index.php
-rw-r--r-- 1 www-data www-data 15237 jan 29 12:31 LICENSE
-rw-r--r-- 1 www-data www-data 3297 jan 29 12:31 README
-rw-r--r-- 1 www-data www-data 6623 jan 29 12:31 setup.php
-rw-r--r-- 1 www-data www-data 193 jan 29 12:38 syslog2mysql.sh
-rw-r--r-- 1 www-data www-data 9638 jan 29 12:31 syslog_alert.php
-rw-r--r-- 1 www-data www-data 3351 jan 29 12:31 syslog_counter.php
-rw-r--r-- 1 www-data www-data 17408 jan 29 12:31 syslog.php
-rw-r--r-- 1 www-data www-data 11804 jan 29 12:31 syslog_process.php
-rw-r--r-- 1 www-data www-data 9436 jan 29 12:31 syslog_remove.php
-rw-r--r-- 1 www-data www-data 11118 jan 29 12:31 syslog_reports.php
-rw-r--r-- 1 www-data www-data 2546 jan 29 12:31 syslog.sql
drw-r--r-- 2 www-data www-data 4096 jan 29 12:31 template
My Config.php is configured correctly, the root user has access to the database ....

mysql -uroot -pmy_password

>> works correctly.
dpeuziat
Posts: 5
Joined: Wed Jul 08, 2009 2:31 am
Contact:

Nothing in cacti syslog window

Post by dpeuziat »

Hi

cacti 0.8.7e on Linux SLES 10 server

I've installed everything as described in the post but no messages appear in the cacti syslogs window.....

I have a doubt regarding the syslogtomysql batch, I have 2 of these processes running, is it normal?
admin 11546 1 0 16:26 pts/1 00:00:00 /bin/bash /sbin/syslogtomysql
admin 11548 11546 0 16:26 pts/1 00:00:00 /bin/bash /sbin/syslogtomysql
admin 11550 1 0 16:26 ? 00:00:00 /sbin/syslog-ng

and there is nothing entered in the mysql tables....
and no errors in any log file...

where should I start looking?

Thanks for your help
ttricktt
Posts: 12
Joined: Wed Apr 07, 2010 12:05 pm

log { source(s_sys); destination(d_mysql); };

Post by ttricktt »

I installed the syslog plugin and syslo-ng on my Centos 5 box. Was this error ever resolved from the above post?

log { source(s_sys); destination(d_mysql); };
telephonist
Posts: 1
Joined: Sat May 08, 2010 11:07 am

Post by telephonist »

I have another problem. After installing and enabling plugin I'm trying to swich to syslogs plugin it writes

Code: Select all

You are missing a dependency for Syslog, please install the 'Settings' plugin.
Do I have to install Settings plugin?
User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

Post by bmarofsky »

telephonist wrote:I have another problem. After installing and enabling plugin I'm trying to swich to syslogs plugin it writes

Code: Select all

You are missing a dependency for Syslog, please install the 'Settings' plugin.
Do I have to install Settings plugin?
Same error here, but I have Settings plugin installed? What am I missing?

Thanks,

Brian
Cacti Version - 0.8.7e
Plugin Architecture - 2.6
Poller Type - Cactid v
Server Info - Linux 2.6.9-89.0.25.plus.c4
Web Server - Apache/2.0.63 (CentOS)
PHP - 5.1.6
PHP Extensions - libxml, xml, wddx, tokenizer, sysvshm, sysvsem, sysvmsg, standard, SimpleXML, sockets, SPL, shmop, session, Reflection, pspell, posix, mime_magic, iconv, hash, gmp, gettext, ftp, exif, date, curl, ctype, calendar, bz2, zlib, pcre, openssl, apache2handler, gd, ldap, mysql, mysqli, PDO, pdo_mysql, pdo_sqlite, snmp, eAccelerator
MySQL - 5.0.82sp1
RRDTool - 1.2.23
SNMP - 5.1.2
Plugins
  • Global Plugin Settings (settings - v0.5)
    Large Site Performane Booster for Cacti (boost - v2.2)
    Thresholds (thold - v0.4.1)
    Create Aggregate Graphs (aggregate - v0.74)
    Cycle Graphs (Cycle Graphs - v0.7+)
    Device Monitoring (monitor - v0.8.2)
    Network Tools (tools - v0.3)
    loginmod
    Update Checker (update - v0.4)
    Host Info (hostinfo - v0.2)
    Error Images (errorimage - v0.1)
    docs
    Cacti-ReportIt (reportit - v0.6.1)
    WMI Query (wmi - v0.1)
    Realtime for Cacti (realtime - v0.35)
    Watermark (watermark - v0.1)
MrRat
Cacti User
Posts: 136
Joined: Thu Jan 07, 2010 10:33 am

Post by MrRat »

I think you need settings plugin 0.6
Works here.
nalletje
Posts: 6
Joined: Fri Mar 05, 2010 3:17 am

Re: [HOWTO] Install Syslog 0.5.2 plugin on Linux/Unix Cacti

Post by nalletje »

I know this is mentioned for Linux (works great on linux), but we want to try to do the same with a Windows Server 2003 with Cygwin syslog-ng.

I'm not that in to Cygwin, but i noticed that cygwin is starting services from .exe files, there is my problem.
I simpel can't add a line to the startup file (which is needed to work).

Does anyone know a way to let this work? Without editing the startup file.


(To be clear, The issue is syslog-ng logging to a MySQL database)
snasre
Posts: 36
Joined: Thu May 29, 2014 5:21 pm

Re: [HOWTO] Install Syslog 0.5.2 plugin on Linux/Unix Cacti

Post by snasre »

where can we see the syslog_incoming?
since I am using the syslog 1.22-2 version I am not sure how helpful will be the guide that you provided?
desscartes
Cacti User
Posts: 96
Joined: Fri Mar 14, 2014 1:16 am

Re: [HOWTO] Install Syslog 0.5.2 plugin on Linux/Unix Cacti

Post by desscartes »

hi everybody,

I finished all steps on [HowTo] but still there is no logs. Ican access database but all table ıs empty where is my problem? do have to ı add devıce l for syslog?(lıke threshold) or all logs have to write with syslog? please help..

here my syslog-ng conf;

Code: Select all

@version: 3.0
#Default configuration file for syslog-ng.
#
# For a description of syslog-ng configuration file directives, please read
# the syslog-ng Administrator's guide at:
#
# http://www.balabit.com/dl/html/syslog-ng-admin-guide_en.html/bk01-toc.html
#

options {
};

######
# sources
source s_local {
# message generated by Syslog-NG
internal();
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log");
# messages from the kernel
file("/proc/kmsg" program_override("kernel: "));






};
#@version: 3.1
#Bare minimum syslog-ng configuration

options { long_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
          owner("root"); group("adm"); perm(0640); stats_freq(0);
          bad_hostname("^gconfd$");
};

# we are using udp, and this is a collector for net traffic only
#
source s_all {
        udp();
#        internal();
#        unix-stream("/dev/log");
#        file("/proc/kmsg" log_prefix("kernel: "));
};

destination d_mysql {
        sql(type(mysql)
        host("localhost") username("cacti") password("*************")
        database("syslog")
        table("syslog_incoming")
        columns("facility", "priority", "date", "time", "host", "message")
        values("$FACILITY", "$PRIORITY", "$YEAR-$MONTH-$DAY",  "$HOUR:$MIN:$SEC", "$HOST_FROM", "$MSG")
        indexes("facility", "priority", "date", "time", "host", "msg"));
};

log {
source(s_all);
destination(d_mysql);
};

######
# destinations
destination d_messages { file("/var/log/messages"); };


log {
source(s_local);
destination(d_messages);
};

source net {
    udp();
};

destination d_mysql {
    pipe("/tmp/mysql.pipe"
    template("INSERT INTO syslog_incoming (host, facility, priority, date, time, message) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC',
'$MSG' );\n")
    template-escape(yes)
     );
};

log { source(net); destination(d_mysql); };
log { source(s_all); destination(d_mysql); };
here my tables:

Code: Select all

mysql> select * from syslog_alert;
Empty set (0.00 sec)

mysql> select * from syslog_facalities;
ERROR 1146 (42S02): Table 'syslog.syslog_facalities' doesn't exist
mysql> select * from syslog_facilities;
Empty set (0.00 sec)
here my syslog_proccess.php:

Code: Select all

[root@dess syslog]# php /var/www/html/cacti-0.8.8a/plugins/syslog/syslog_process.php --debug
PHP Warning:  Module 'ldap' already loaded in Unknown on line 0
SYSLOG: Syslog Table is NOT Partitioned
SYSLOG: Deleted 0,  Syslog Message(s) (older than 2014-09-21)
SYSLOG: Unique ID = 90
SYSLOG: Found   0,  New Message(s) to process
SYSLOG: Stats   0,  Record(s) to the 'syslog_statistics' table
SYSLOG: Found   0,  Removal Rule(s) to process
SYSLOG: Found   0,  Alert Rules to process
SYSLOG: Moved   0,  Message(s) to the 'syslog' table
SYSLOG: Deleted 0,  Already Processed Message(s) from incoming
SYSLOG: Deleted 0,  Syslog Statistics Record(s)
SYSLOG: Deleted 0,  Syslog alarm log Record(s)
SYSLOG: Processing Reports...
SYSLOG: We have 0 Reports in the database
SYSLOG: Finished processing Reports...
10/21/2014 04:58:59 PM - SYSTEM SYSLOG STATS:Time:0.15 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0


here my syslog ;
Attachments
11.jpg
11.jpg (118.6 KiB) Viewed 21064 times
Computer Science Eng.

Cenk Durak
desscartes
Cacti User
Posts: 96
Joined: Fri Mar 14, 2014 1:16 am

Re: [HOWTO] Install Syslog 0.5.2 plugin on Linux/Unix Cacti

Post by desscartes »

any solution or update about problem??
Computer Science Eng.

Cenk Durak
Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest