Hello,
I try to find a way to have a filter that allow me to add any unwanted message do be deleted.
I'd like to have 1 filter with every matching value in it. So far i try the following message filter with 'contend':
SEC_LOGIN-5-LOGIN|HA_EM-6-LOG|SYS-5-CONFIG|THRESHOLD_VIOLATION|REDUNDANCY
But I can't find a good way to write, as for looking into the code I can't find the right php who do that.
Anyone using syslog and having some filtering in place ?
Thanks
syslog removal message format
Moderators: Developers, Moderators
syslog removal message format
Test
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Re: syslog removal message format
I thought the SQL where method would support RLIKE (aka regex), so one rule should be able to do that.
Before history, there was a paradise, now dust.
Re: syslog removal message format
Yes, I create an error, and find the sql query that was used, then I was able to make my own query:
message REGEXP 'SEC_LOGIN-5-LOGIN|HA_EM-6-LOG|SYS-5-CONFIG|THRESHOLD_VIOLATION|REDUNDANCY|VSHD_SYSLOG_CONFIG'
message REGEXP 'SEC_LOGIN-5-LOGIN|HA_EM-6-LOG|SYS-5-CONFIG|THRESHOLD_VIOLATION|REDUNDANCY|VSHD_SYSLOG_CONFIG'
Test
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Re: syslog removal message format
No bug then? I guess feature request to add a test button....
Before history, there was a paradise, now dust.
Re: syslog removal message format
No no bug.
Or a little bit more explanation of the SQL rule!
I'm working on my syslog function, and I some other problem.
My cisco router send a different programname for each message, so i can't realy have a stistic by device, since all ar considered different.
I try to change the way rsyslog put value into the DB putting a '' (2 single comma) for the program name, but that give some error:
05/03/2020 16:34:08 - CMDPHP ERROR: A DB Exec Failed!, Error: Column count doesn't match value count at row 1
I have to find where it come from!
Or a little bit more explanation of the SQL rule!
I'm working on my syslog function, and I some other problem.
My cisco router send a different programname for each message, so i can't realy have a stistic by device, since all ar considered different.
I try to change the way rsyslog put value into the DB putting a '' (2 single comma) for the program name, but that give some error:
05/03/2020 16:34:08 - CMDPHP ERROR: A DB Exec Failed!, Error: Column count doesn't match value count at row 1
I have to find where it come from!
Test
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Almalinux
php 8.2.14
mariadb 10.6.16
Cacti 1.2.27
Spine 1.2.27
RRD 1.7.2
thold 1.8
monitor 2.5
syslog 3.2
flowview: 3.3
weathermap 1.0 Beta
Who is online
Users browsing this forum: No registered users and 1 guest