Questions tagged [RSYSLOG] (10)

1
answer

How to change hostnames in Loganalyzer?

Hello, please tell me why some host names in the Loganalyzer output are displayed as domain names, and the other part as IP addresses. I saw that my DNS server was missing A records for those hosts for which to display the IP addresses that are prescribed, but the conclusion still appears the IP address. Suggested that the p...
Rhiannon.Powlowski80 asked March 27th 20 at 12:40
0
answer

How to get output of rsyslog?

Hello As tradebait why does not a bunch of rsyslog -> logstash -> elasticsearch? Set up this tutorial will show The configs are identical, but the environment centos7: LOGSTASH:# cat /etc/logstash/conf.d/input.conf input { beats { port => 5044 } udp { host => "127.0.0.1" port => 10514 codec => "json...
Augustine_Daugherty asked March 24th 20 at 12:51
1
answer

Why do I see stdout app and from the container in /var/log/syslog host, although nothing is set up?

The scheme is as follows. If the application logs to stdout. Running it in a Docker container. That, in turn, starts through systemd. In the end, I see logs in /var/log/syslog host. But I didn't set up. Everything is default. It is unclear which path works. Tell me what mechanism works? Systemd sends logs or Docker? Well an...
doug_Daugherty asked March 23rd 20 at 20:37
1
answer

How to run rsyslog in a docker container via supervisor?

Hi all. There are 2 Docker containers, each has rsyslog running when you start the container via supervisor ([program:rsyslogd] command=rsyslogd -n). One container is the rsyslog server, the second, the client, must send it the logs. The connection between the containers is, but the logs don't go between them. If you go into each con...
danny12 asked March 20th 20 at 12:07
0
answer

How to replace text in rsyslog msg?

Raised server rsyslogd on CentOS, collected logs including ViPNet coordinator HW1000, come these messages: Message [03-18 16:54:19] CConfig.UpdateIpsForId: natsettings for NNNN002A: firewallip = 192.168.1.101, forwardip = 192.168.1.101, port = 55777, timeout = 0, virtualip = A000019, proxyid = NNNN000A, flags:BROADCAST ELAPS...
amber.Kun asked March 18th 20 at 21:44
1
answer

How to configure rsyslog?

You need to make the logging program in a separate directory. Configure the rotate-that-be at every restart of the service log files are created new. Log to a separate directory I have made. But how to set something to eliminate "node" and the log are not recorded in /var/log/syslog? Thank You In Advance ))
ubaldo.Gusikowski asked March 15th 20 at 22:14
2
answers

Centralization of syslog server, and further analysis of collected data?

Hello, in general with the rise of centralized log server is no problem. I would like to learn than to disassemble to organize these logs, and to send notifications. Looked at OSSIM but he was too heavy. I would be grateful if anyone can share their experience. Thank you
jarret_Swaniawski asked October 9th 19 at 17:09
1
answer

Why might two Rsyslog modules not work at the same time?

The essence of the issue: Set up centralized collection of logs by means of Rsyslog. Server-collector: Ubuntu. The logs arrive on the server, then by means of the ommysql plug-in are written to a database and LogAnalyzer analyzes from there. Faced with a problem: I would like to make an email notification when I log into serve...
agustin_Breitenberg asked September 18th 19 at 16:19
0
answer

How to replace the date and time in rsyslog?

Use rsyslog to receive logs from remote devices. In some of the connected devices is not running the time synchronization, in the end the logs time rolls correctly. At the moment, we use the breakdown of logs by source fromhost-ip: $template FILENAME,"/var/log/%fromhost-ip%/syslog.log" *.* ?FILENAME Wanted to entering the fi...
nikita.Stracke asked September 15th 19 at 12:39
0
answer

How to do in Mysql Rsyslog sending critical messages on the mail or run a script?

How to make for example with the appearance of critical messages were sent email or ran a script (for example sending SMS through modem)
nikita.Stracke asked July 31st 19 at 18:39