Syslog monitor addon beta

[cigamit]

Soo.. if I'm correct the setup.php should select records for alarm which have "status=1" ... I just checked my database and all records in my syslog_incoming database have status=0 ... where and how this status is changing? Why it is always stays 0?

Thoughts?

Igor

You will never see status=1 unless it is currently processing items. That is the column it uses to tell what it is currently processing, since as it processes items, more items are continuously pouring in.

[cigamit]

Ok I got everything to work now. Under:

Code: Select all

/* SEND OUT ALERTS ON THINGS WE SPECIFY */
	$alertarray = db_fetch_assoc("SELECT * FROM " . $haloe_config["alertTable"]);
	foreach ($alertarray as $alert) {
		$sql = '';
		$alertm = '';

Add:

Code: Select all

if ($alert['type'] == 'host') {
			$sql = 'select * from ' . $haloe_config["incomingTable"] . " where " . $haloe_config["hostField"] . "='" . $alert['msg'] . "' and status=1";
		}

Thanks for catching that. Its now fixed in my SVN version. BTW, why would you be using $alert['msg'] when the alert table isn't specifically setup that way originally?

[cigamit]

so what columns should be in the syslog and syslog_incoming tables? The bundled file syslog.sql is very inaccurate...

How so? The column names themselves are just the defaults. Your syslog-ng may be setup differently, but thats doesn't constitute the syslog.sql file as inaccurate, its just not the defaults for your setup. You could just have easily changed the syslog-ng table structure to use different column names.

[nahun]

BTW, why would you be using $alert['msg'] when the alert table isn't specifically setup that way originally?

Just because my syslog and syslog_incoming tables were like that and I felt like being consistent

[phantom_rgs]

Hi i´m new using this plugin!
I have instaled how a standard plugin installation, coping files and add haloe on config.php

open ok the syslog page, but no hosts show, what i need do more?

thanks for help.

[nahun]

Hi i´m new using this plugin!
I have instaled how a standard plugin installation, coping files and add haloe on config.php

open ok the syslog page, but no hosts show, what i need do more?

thanks for help.

Do you have a syslog database setup? And a syslog program inserting syslogs into the database? What version of the plugin are you using. Could you post your config.php and your syslog program's config file.

[phantom_rgs]

Hi i´m new using this plugin!
I have instaled how a standard plugin installation, coping files and add haloe on config.php

open ok the syslog page, but no hosts show, what i need do more?

thanks for help.

Do you have a syslog database setup? And a syslog program inserting syslogs into the database? What version of the plugin are you using. Could you post your config.php and your syslog program's config file.

thanks for help nahun

i think more easily you tell me how to full install syslog plugin. thanks for help.

[nahun]

i think more easily you tell me how to full install syslog plugin. thanks for help.

I think I'll write a general how-to in the information/howto's section soon. Look for it there sometime soon.

[phantom_rgs]

i think more easily you tell me how to full install syslog plugin. thanks for help.

I think I'll write a general how-to in the information/howto's section soon. Look for it there sometime soon.

ok i will

i have already haloe.sql imported (created) db in mysql and plugin installed only.

what need more? my cacti server is under windows.

[twelzy]

Hi everyone!

If I setup a event color to black (#000000), it can't be read in the syslog page because all the event text colors are also black!
So I need a workaround to resolve this issue...

Anyone?!

Thanks in advance!
(And sorry for my poor English...)

[twelzy]

I think that would be great if the facility and priority/level filters show the options in the correct order (ascending or descending):

Code: Select all

   Facility:
    - auth
    - authpriv
    - cron
    - daemon
    - kern
    - local0
    - local1
    - local2
    - local3
    - local4
    - local5
    - local6
    - local7
    - lpr
    - mail
    - mark
    - news
    - syslog
    - user
    - uucp

   Priority/Level:
    - emerg   (0)
    - alert   (1)
    - crit    (2)
    - err     (3)
    - warning (4)
    - notice  (5)
    - info    (6)
    - debug   (7)

Thanks in advance!

[spoonman]

Guys.........I've almost got this syslog plugin workin. I've got syslog-ng working fine. I see all kinds of good stuff rollin through my mysql.pipe fifo file. But here is what I see in the mysql.log file ////

ERROR 1054 (42S22) at line 1: Unknown column 'level' in 'field list'

Cant seem to track down where my error is in what config file???

THX

[spoonman]

Think its in my syslog-ng.conf file??>>

Here it is.

# all known message sources
source s_all {
# message generated by Syslog-NG
internal();
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log");
# messages from the kernel
file("/proc/kmsg" log_prefix("kernel: "));
# use the above line if you want to receive remote UDP logging messages
# (this is equivalent to the "-r" syslogd flag)
udp();
tcp();
};

# Mysql Database
# pipe messages to /var/log/mysql.pipe to be processed by mysql
destination d_mysql {
pipe("/var/log/mysql.pipe" template("INSERT INTO syslog_incoming (host, facility, priority, level, tag, date, time, program, message)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY', ' $HOUR:$MIN:$SEC', '$PROGRAM', '$MESSAGE'
);\n") template-escape(yes)
);
};

# MySQL Database
log { source(s_all); destination(d_mysql); };


Thanks for the help all!!!!

[cdukes]

Looks like your mysql table doesn't match your syslog-ng insert statement.

from mysql do this:

Code: Select all

show create table syslog_incoming \G

and make sure it matches the insert statement below:

Code: Select all

INSERT INTO syslog_incoming (host, facility, priority, level, tag, date, time, program, message)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY', ' $HOUR:$MIN:$SEC', '$PROGRAM', '$MESSAGE' 

This link may help also:
http://www.de.gentoo-wiki.com/HOWTO_setup_PHP-Syslog-NG

Think its in my syslog-ng.conf file??>>

Here it is.

# all known message sources
source s_all {
# message generated by Syslog-NG
internal();
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log");
# messages from the kernel
file("/proc/kmsg" log_prefix("kernel: "));
# use the above line if you want to receive remote UDP logging messages
# (this is equivalent to the "-r" syslogd flag)
udp();
tcp();
};

# Mysql Database
# pipe messages to /var/log/mysql.pipe to be processed by mysql
destination d_mysql {
pipe("/var/log/mysql.pipe" template("INSERT INTO syslog_incoming (host, facility, priority, level, tag, date, time, program, message)
VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY', ' $HOUR:$MIN:$SEC', '$PROGRAM', '$MESSAGE'
);\n") template-escape(yes)
);
};

# MySQL Database
log { source(s_all); destination(d_mysql); };


Thanks for the help all!!!!

[spoonman]

Do the tables have to match in exact order??

mysql> show create table syslog_incoming \G
*************************** 1. row ***************************
Table: syslog_incoming
Create Table: CREATE TABLE `syslog_incoming` (
`facility` varchar(10) default NULL,
`priority` varchar(10) default NULL,
`date` date default NULL,
`time` time default NULL,
`host` varchar(128) default NULL,
`message` text,
`seq` int(10) unsigned NOT NULL auto_increment,
`status` tinyint(4) NOT NULL default '0',
PRIMARY KEY (`seq`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1
1 row in set (0.01 sec)

mysql>


Thanks