syslog issue

Announcements concerning Plugins for Cacti

Moderators: Developers, Moderators

Post Reply
sharekhan
Cacti User
Posts: 57
Joined: Mon Apr 04, 2011 10:47 am

syslog issue

Post by sharekhan »

Sir

i am not getting the data in syslog , below are the details for your reference.

Syslog 1.22

[nms ~]# php -q /var/www/html/cacti/plugins/syslog/syslog_process.php --debug
SYSLOG: Syslog Table is NOT Partitioned
SYSLOG: Deleted 0, Syslog Message(s) (older than 2012-04-23)
SYSLOG: Unique ID = 4
SYSLOG: Found 0, New Message(s) to process
SYSLOG: Stats 0, Record(s) to the 'syslog_statistics' table
SYSLOG: Found 0, Removal Rule(s) to process
SYSLOG: Found 0, Alert Rules to process
SYSLOG: Moved 0, Message(s) to the 'syslog' table
SYSLOG: Deleted 0, Already Processed Message(s) from incoming
SYSLOG: Deleted 0, Syslog Statistics Record(s)
SYSLOG: Deleted 0, Syslog alarm log Record(s)
SYSLOG: Processing Reports...
SYSLOG: We have 0 Reports in the database
SYSLOG: Finished processing Reports...
05/23/2012 04:21:20 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0


***********
Cacti LOG
***********

05/23/2012 04:22:52 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:52 PM - SYSTEM STATS: Time:0.1813 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:22:42 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:42 PM - SYSTEM STATS: Time:0.1875 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:22:32 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:32 PM - SYSTEM STATS: Time:0.1814 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:22:22 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:22 PM - SYSTEM STATS: Time:0.1823 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:22:12 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:12 PM - SYSTEM STATS: Time:0.1865 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:22:02 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:22:02 PM - SYSTEM STATS: Time:0.1894 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:52 PM - SYSTEM SYSLOG STATS:Time:0.1 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:52 PM - SYSTEM STATS: Time:0.1875 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:42 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:42 PM - SYSTEM STATS: Time:0.1792 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:32 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:32 PM - SYSTEM STATS: Time:0.1854 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:22 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:22 PM - SYSTEM STATS: Time:0.1823 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:20 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:12 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:12 PM - SYSTEM STATS: Time:0.1824 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:21:02 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:21:02 PM - SYSTEM STATS: Time:0.1854 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:20:52 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:20:52 PM - SYSTEM STATS: Time:0.1835 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:1 RRDsProcessed:0
05/23/2012 04:20:50 PM - SYSTEM SYSLOG STATS:Time:0.09 Deletes:0 Incoming:0 Removes:0 XFers:0 Alerts:0 Alarms:0 Reports:0
05/23/2012 04:20:50 PM - SYSTEM STATS: Time:0.1084 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:0 RRDsProcessed:0
sharekhan
Cacti User
Posts: 57
Joined: Mon Apr 04, 2011 10:47 am

Re: syslog issue

Post by sharekhan »

Sir pls help
User avatar
gandalf
Developer
Posts: 22383
Joined: Thu Dec 02, 2004 2:46 am
Location: Muenster, Germany
Contact:

Re: syslog issue

Post by gandalf »

Plugin related, moving
R.
MrRat
Cacti User
Posts: 136
Joined: Thu Jan 07, 2010 10:33 am

Re: syslog issue

Post by MrRat »

Do you have your syslog server setup to pipe to mysql?
sharekhan
Cacti User
Posts: 57
Joined: Mon Apr 04, 2011 10:47 am

Re: syslog issue

Post by sharekhan »

Sir

i am using the below version ,

Cacti Version 0.8.7i
Plugin Architecture 3.1
Poller Type CMD.php
Server Info Linux 2.6.18-308.4.1.el5PAE
Web Server Apache/2.2.3 (CentOS)
PHP Version 5.3.3
PHP Extensions Core, date, ereg, libxml, openssl, pcre, zlib, bz2, calendar, ctype, hash, filter, ftp, gettext, gmp, session, iconv, Reflection, standard, shmop, SPL, SimpleXML, sockets, exif, tokenizer, xml, apache2handler, curl, dom, fileinfo, json, mysql, mysqli, PDO, pdo_mysql, pdo_sqlite, Phar, snmp, wddx, xmlreader, xmlwriter, xsl, zip
MySQL Version 5.0.95
RRDTool Version 1.4.7
SNMP Version 5.3.2.2
Plugins Global Plugin Settings (settings - v0.71)
Thresholds (thold - v0.4)
Syslog Monitoring (syslog - v1.22)
Host Info (hostinfo - v0.2)
Host Info (hostinfo - v0.2)
Update Checker (update - v0.4)
Realtime for Cacti (realtime - v0.35)
Network Tools (tools - v0.3)
===========================================================================================

i had not create the syslog database in mysql , its remain into the cacti database , below is the details.

mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| cacti |
| mysql |
+--------------------+
3 rows in set (0.00 sec)


mysql> show tables;
+---------------------------------+
| Tables_in_cacti |
+---------------------------------+
| cdef |
| cdef_items |
| colors |
| data_input |
| data_input_data |
| data_input_fields |
| data_local |
| data_template |
| data_template_data |
| data_template_data_rra |
| data_template_rrd |
| graph_local |
| graph_template_input |
| graph_template_input_defs |
| graph_templates |
| graph_templates_gprint |
| graph_templates_graph |
| graph_templates_item |
| graph_tree |
| graph_tree_items |
| host |
| host_graph |
| host_snmp_cache |
| host_snmp_query |
| host_template |
| host_template_graph |
| host_template_snmp_query |
| plugin_config |
| plugin_configstore_accounts |
| plugin_configstore_archive |
| plugin_configstore_backups |
| plugin_configstore_device_types |
| plugin_configstore_devices |
| plugin_configstore_sites |
| plugin_configstore_templates |
| plugin_db_changes |
| plugin_hooks |
| plugin_realms |
| plugin_thold_contacts |
| plugin_thold_log |
| plugin_thold_template_contact |
| plugin_thold_threshold_contact |
| plugin_update_info |
| poller |
| poller_command |
| poller_item |
| poller_output |
| poller_output_rt |
| poller_reindex |
| poller_time |
| rra |
| rra_cf |
| settings |
| settings_graphs |
| settings_tree |
| snmp_query |
| snmp_query_graph |
| snmp_query_graph_rrd |
| snmp_query_graph_rrd_sv |
| snmp_query_graph_sv |
| syslog |
| syslog_alert |
| syslog_facilities |
| syslog_host_facilities |
| syslog_hosts |
| syslog_incoming |
| syslog_logs |
| syslog_priorities |
| syslog_remove |
| syslog_removed |
| syslog_reports |
| syslog_statistics |
| thold_data |
| thold_template |
| user_auth |
| user_auth_perms |
| user_auth_realm |
| user_log |
| version |
| weathermap_auth |
| weathermap_data |
| weathermap_maps |
+---------------------------------+
82 rows in set (0.00 sec)
MrRat
Cacti User
Posts: 136
Joined: Thu Jan 07, 2010 10:33 am

Re: syslog issue

Post by MrRat »

you have to setup the syslog server to pipe the data into mysql.

http://docs.cacti.net/plugin:syslog.config
MrRat
Cacti User
Posts: 136
Joined: Thu Jan 07, 2010 10:33 am

Re: syslog issue

Post by MrRat »

I use syslog-ng and a seperate database for syslog but isnt all that different from using rsyslog, here is what I did.
In syslog-ng.conf I have

Code: Select all

source net { udp (); };
log { source (src); source(net); destination(net_logs); destination(d_mysql); };
and

Code: Select all

destination d_mysql {
    pipe("/tmp/mysql.pipe"
    template("INSERT INTO syslog_incoming (host, facility, priority, date, time, message) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );\n")
    template-escape(yes)
     );
};
Then I have the syslogtomysql script created

Code: Select all

#!/bin/bash
if [ ! -e /tmp/mysql.pipe ]; then
        mkfifo /tmp/mysql.pipe
fi

while [ -e /tmp/mysql.pipe ]
do
        mysql -u cactiuser -pcactiuser syslog < /tmp/mysql.pipe
done
Then I modified the syslog-ng init script to start and stop syslogtomysql also

Code: Select all

start() {
        checkconfig || return 1
        ebegin "Starting ${SVCNAME}"
        [ -n "${SYSLOG_NG_OPTS}" ] && SYSLOG_NG_OPTS="-- ${SYSLOG_NG_OPTS}"
        start-stop-daemon --start --pidfile "${SYSLOG_NG_PIDFILE}" --exec /usr/sbin/syslog-ng ${SYSLOG_NG_OPTS}; /usr/local/bin/syslogtomysql &
        eend $? "Failed to start ${SVCNAME}"
}

stop() {
        ebegin "Stopping ${SVCNAME}"
        start-stop-daemon --stop --pidfile "${SYSLOG_NG_PIDFILE}"; killall -9 syslogtomysql > /dev/null;rm /tmp/mysql.pipe
        eend $? "Failed to stop ${SVCNAME}"
        sleep 1 # needed for syslog-ng to stop in case we're restarting
}
User avatar
XTech
Cacti User
Posts: 59
Joined: Sat May 26, 2012 9:25 pm

Re: syslog issue

Post by XTech »

This syslog-ng.conf just works with separate cacti syslog database named "cactilog" and without syslogtomysql:

Code: Select all

options {
        long_hostnames(off);
        use_fqdn(on);
        flush_lines(0);
};

source s_local {
        unix-dgram("/dev/log");
        file("/proc/kmsg" log_prefix("kernel:"));
};

source s_remote {
        tcp(ip(0.0.0.0) port(514));
        udp(ip(0.0.0.0) port(514));
};

filter f_messages { level(info..emerg); };

destination d_cacti_sql {
        sql(type(mysql)
        host("localhost")
        username("syslog")
        password("password")
        database("cactilog")
        table("syslog_incoming")
        columns("facility","priority","date","time","host","message")
        values("$FACILITY","$LEVEL","$YEAR-$MONTH-$DAY","$HOUR:$MIN:$SEC","$HOST","$MSGONLY")
        indexes("facility","level")
        );
};

log { source(s_local); source(s_remote); filter(f_messages); destination(d_sql); destination(d_cacti_sql); };

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests