Syslog monitor addon beta

bidzer · Post by **bidzer** » Fri Mar 28, 2008 12:53 pm

Is there anyway to have syslog translate the IP when a syslog message is received? Is it possible to use the hosts table? I don't see any way of doing this. Any help is greatly appreciated!!!

spoonman · Post by **spoonman** » Fri Mar 28, 2008 1:22 pm

If your using Syslog-ng >>>
Syslog-ng.conf
-----------------

options {
sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_dns (no); <<<< change to yes and restart service
use_fqdn (no);
create_dirs (no);
keep_hostname (yes);
};

bidzer · Post by **bidzer** » Fri Mar 28, 2008 1:34 pm

Thanks for your reply!!!

I'm using the loopback interfaces as the source interfaces and those aren't in DNS. I have a hosts file on the box. Can I point syslog-ng to query the host table?

spoonman · Post by **spoonman** » Fri Mar 28, 2008 1:43 pm

Sounds like that's your only option...hosts file.

bidzer · Post by **bidzer** » Fri Mar 28, 2008 1:55 pm

I don't see any option to do it unless maybe there's a hack around.

bidzer · Post by **bidzer** » Fri Mar 28, 2008 2:09 pm

I finally got it to work. I had to add these 3 lines to my syslog-ng.conf file:

options {
use_dns(yes);
dns_cache(yes);
dns_cache_size(200);

This is awesome!!

bmarofsky · Post by **bmarofsky** » Thu Apr 03, 2008 10:40 am

I am having trouble getting the colors of the highlighting to show.
I have this in my config.php in the syslog plugin directory:

// Background colors, change/add/delete to suit
// Not all these are necessary, they are according to the messages in your DB
$syslog_colors['Emerg'] = 'FF0000';
$syslog_colors['Critical'] = 'FFD700';
$syslog_colors['Notice'] = '0000FF';
$syslog_colors['Info'] = '7FFF00';
$syslog_colors['Debug'] = '808080';

$syslog_colors['alert'] = 'FF8C00';
$syslog_colors['err'] = 'A52A2A';
$syslog_colors['crit'] = 'FFD700';
$syslog_colors['warn'] = '9932CC';
$syslog_colors['notice'] = '0000FF';
$syslog_colors['info'] = '7FFF00';
$syslog_colors['debug'] = '808080';

Does the text in ' ' need to match exactly with the text in the priority field of my database or can I use wild cards?

Thanks,

Post by **TheWitness** » Thu Apr 03, 2008 11:01 pm

Brian,

With Jimmy's assistance, there is something nice cooking up in the Cacti Group's SVN at the moment. I will add this to the list of enhancements.

To answer your question, my guess is that it's pretty stupid.

TheWitness

bmarofsky · Post by **bmarofsky** » Fri Apr 04, 2008 5:41 am

I'm a little groggy in the AM. So what does that mean? Is the highlighting a feature that does or does not work?

TheWitness wrote:Brian,

With Jimmy's assistance, there is something nice cooking up in the Cacti Group's SVN at the moment. I will add this to the list of enhancements.

To answer your question, my guess is that it's pretty stupid.

TheWitness

noflies · Post by **noflies** » Fri Apr 04, 2008 6:37 am

It currently needs to match.
In my infinite lazyness, I created this SNIPPET for my <cacti_path>/plugins/syslog/config.php

Code: Select all

//  Background colors, change/add/delete to suit
//  Not all these are necessary, they are according to the messages in your DB
$syslog_colors["Emerg"]                 = "FF0000";
$syslog_colors["emerg"]                 = "FF0000";
$syslog_colors["Emergency"]             = "FF0000";
$syslog_colors["emergency"]             = "FF0000";
$syslog_colors["Alert"]                 = "FF0000";
$syslog_colors["alert"]                 = "FF0000";
$syslog_colors["Crit"]                  = "EACC00";
$syslog_colors["crit"]                  = "EACC00";
$syslog_colors["Critical"]              = "EACC00";
$syslog_colors["critical"]              = "EACC00";
$syslog_colors["Err"]                   = "F5F800";
$syslog_colors["err"]                   = "F5F800";
$syslog_colors["Error"]                 = "F5F800";
$syslog_colors["error"]                 = "F5F800";
$syslog_colors["Warn"]                  = "0000FF";
$syslog_colors["warn"]                  = "0000FF";
$syslog_colors["Warning"]               = "0000FF";
$syslog_colors["warning"]               = "0000FF";
$syslog_colors["Notice"]                = "00FF00";
$syslog_colors["notice"]                = "00FF00";
$syslog_colors["Info"]                  = "CDCFC4";
$syslog_colors["info"]                  = "CDCFC4";
$syslog_colors["Debug"]                 = "FFFFFF";
$syslog_colors["debug"]                 = "FFFFFF";

//  Font Text colors (defaults to 000000)
$syslog_text_colors['Emerg']            = 'FFFFFF';
$syslog_text_colors['emerg']            = 'FFFFFF';
$syslog_text_colors['Emergency']        = 'FFFFFF';
$syslog_text_colors['emergency']        = 'FFFFFF';
$syslog_text_colors['Alert']            = 'FFFFFF';
$syslog_text_colors['alert']            = 'FFFFFF';
$syslog_text_colors['Crit']             = '';
$syslog_text_colors['crit']             = '';
$syslog_text_colors['Critical']         = '';
$syslog_text_colors['critical']         = '';
$syslog_text_colors['Err']              = '';
$syslog_text_colors['err']              = '';
$syslog_text_colors['Error']            = '';
$syslog_text_colors['error']            = '';
$syslog_text_colors['Warn']             = 'FFFFFF';
$syslog_text_colors['warn']             = 'FFFFFF';
$syslog_text_colors['Warning']          = 'FFFFFF';
$syslog_text_colors['warning']          = 'FFFFFF';
$syslog_text_colors['Notice']           = '';
$syslog_text_colors['notice']           = '';
$syslog_text_colors['Info']             = '';
$syslog_text_colors['info']             = '';
$syslog_text_colors['Debug']            = '000000';
$syslog_text_colors['debug']            = '000000';

[/code]

Post by **TheWitness** » Fri Apr 04, 2008 6:38 am

This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness

bmarofsky · Post by **bmarofsky** » Fri Apr 04, 2008 7:03 am

I tried yours and it didn't work either.

Could the problem be that the LEVEL column is displaying a combined Facility.Level value?

noflies wrote:It currently needs to match.
In my infinite lazyness, I created this SNIPPET for my <cacti_path>/plugins/syslog/config.php

Code: Select all

//  Background colors, change/add/delete to suit
//  Not all these are necessary, they are according to the messages in your DB
$syslog_colors["Emerg"]                 = "FF0000";
$syslog_colors["emerg"]                 = "FF0000";
$syslog_colors["Emergency"]             = "FF0000";
$syslog_colors["emergency"]             = "FF0000";
$syslog_colors["Alert"]                 = "FF0000";
$syslog_colors["alert"]                 = "FF0000";
$syslog_colors["Crit"]                  = "EACC00";
$syslog_colors["crit"]                  = "EACC00";
$syslog_colors["Critical"]              = "EACC00";
$syslog_colors["critical"]              = "EACC00";
$syslog_colors["Err"]                   = "F5F800";
$syslog_colors["err"]                   = "F5F800";
$syslog_colors["Error"]                 = "F5F800";
$syslog_colors["error"]                 = "F5F800";
$syslog_colors["Warn"]                  = "0000FF";
$syslog_colors["warn"]                  = "0000FF";
$syslog_colors["Warning"]               = "0000FF";
$syslog_colors["warning"]               = "0000FF";
$syslog_colors["Notice"]                = "00FF00";
$syslog_colors["notice"]                = "00FF00";
$syslog_colors["Info"]                  = "CDCFC4";
$syslog_colors["info"]                  = "CDCFC4";
$syslog_colors["Debug"]                 = "FFFFFF";
$syslog_colors["debug"]                 = "FFFFFF";

//  Font Text colors (defaults to 000000)
$syslog_text_colors['Emerg']            = 'FFFFFF';
$syslog_text_colors['emerg']            = 'FFFFFF';
$syslog_text_colors['Emergency']        = 'FFFFFF';
$syslog_text_colors['emergency']        = 'FFFFFF';
$syslog_text_colors['Alert']            = 'FFFFFF';
$syslog_text_colors['alert']            = 'FFFFFF';
$syslog_text_colors['Crit']             = '';
$syslog_text_colors['crit']             = '';
$syslog_text_colors['Critical']         = '';
$syslog_text_colors['critical']         = '';
$syslog_text_colors['Err']              = '';
$syslog_text_colors['err']              = '';
$syslog_text_colors['Error']            = '';
$syslog_text_colors['error']            = '';
$syslog_text_colors['Warn']             = 'FFFFFF';
$syslog_text_colors['warn']             = 'FFFFFF';
$syslog_text_colors['Warning']          = 'FFFFFF';
$syslog_text_colors['warning']          = 'FFFFFF';
$syslog_text_colors['Notice']           = '';
$syslog_text_colors['notice']           = '';
$syslog_text_colors['Info']             = '';
$syslog_text_colors['info']             = '';
$syslog_text_colors['Debug']            = '000000';
$syslog_text_colors['debug']            = '000000';

[/code]

bmarofsky · Post by **bmarofsky** » Fri Apr 04, 2008 8:15 am

TheWitness wrote:This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness

OK, it appears to have been working (as per a post on page 1 or 2). Maybe that was a previous version.

I would really like to see this feature in action.

bmarofsky · Post by **bmarofsky** » Sun Apr 06, 2008 3:33 pm

I got it! Kiwi's mapping was wrong. I had priority mapped to priority instead of level.

Looks great!

bmarofsky wrote:
TheWitness wrote:This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness
OK, it appears to have been working (as per a post on page 1 or 2). Maybe that was a previous version.

I would really like to see this feature in action.

mcutting · Post by **mcutting** » Tue May 20, 2008 11:41 am

Hi bmarofsky,

Could you explain your mapping settings in KIWI please ?

Thanks

Cacti

Syslog monitor addon beta

IP to Hostname?

IP address not registered

Working!!!!

Who is online