Anyone using syslog-ng / sec for host log monitoring?

Brian Huffman bhuffman at incyte.com
Fri Jun 3 15:09:26 CEST 2005


What do you use to do the actual filtering / pattern matching?
Currently I have syslog-ng running on my nagios box but with two
destinations:  1 file per machine and then one stream which I pipe to
sec.  This works, but makes it tricky to maintain a configuration file
for sec, which takes into account differences in each server.

Thanks,
Brian

-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Daniel
maher
Sent: Thursday, June 02, 2005 5:07 PM
To: nagios-users at lists.sourceforge.net
Subject: RE: [Nagios-users] Anyone using syslog-ng / sec for host log
monitoring?

I've currently got a site set up where numerous Windows and Linux
machines are reporting to the Nagios box, which is running syslog-ng.
I've got syslog-ng set up to pipe each log stream to a separate file,
which helps to keep things nice and segregated; this, of course, also
means that I don't have to worry about writing match strings with the
server name, since each server has its own file.


Daniel Maher
System Engineer
ACE TECHNOLOGY INC.
 
 

-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Brian
Huffman
Sent: June 2, 2005 4:25 PM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Anyone using syslog-ng / sec for host log
monitoring?

If so, are you running sec locally for each host or are you using
syslog-ng to consolidate all logs on one central host and then running
sec there?  I am currently consolidating all syslogs on one server (my
nagios server) and then using sec to parse all messages as they come in.
I'm finding that it's a little trickier to write the match strings when
you have to take the server name into account.

Thanks,
Brian


-------------------------------------------------------
This SF.Net email is sponsored by Yahoo.
Introducing Yahoo! Search Developer Network - Create apps using Yahoo!
Search APIs Find out how you can build Yahoo! directly into your own
Applications - visit http://developer.yahoo.net/?fr=fad-ysdn-ostg-q22005
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
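
An added illustration of the problem discussed in this thread (not code from any of the posters, and written in Python rather than as a sec rule file): the hostname is parsed out of each consolidated line once, and per-server differences are kept in a host-group table instead of in the match strings. The group names, rule names and sample lines are constructed for the example.

```python
import re

# Constructed sample of a consolidated stream in classic BSD syslog layout.
SAMPLE = [
    "Jun  3 15:09:26 web01 sshd[2211]: Failed password for invalid user admin from 192.0.2.10 port 4022 ssh2",
    "Jun  3 15:09:30 db01 kernel: I/O error, dev sda, sector 12345",
    "Jun  3 15:09:31 web02 kernel: I/O error, dev sda, sector 99",
    "garbage without header",
]

# timestamp, host, program[pid], message
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"(?P<prog>[^\s:\[]+)(?:\[\d+\])?:\s(?P<msg>.*)$"
)

# Hypothetical host groups: server differences live here, not in the patterns.
HOST_GROUPS = {"web": {"web01", "web02"}, "db": {"db01"}}

# (rule name, groups it applies to or None for every host, program, pattern)
RULES = [
    ("ssh-auth-failure", None, "sshd",
     re.compile(r"Failed password for (?:invalid user )?(\S+)")),
    ("disk-error", {"db"}, "kernel", re.compile(r"I/O error")),
]

def match_line(line):
    """Return [(rule, host, detail)] for one consolidated syslog line."""
    text = line.rstrip("\n")
    m = LINE_RE.match(text)
    if not m:
        # Never drop what cannot be parsed: surface it for review.
        return [("unparsed", None, text)]
    host, prog, msg = m.group("host", "prog", "msg")
    groups = {g for g, members in HOST_GROUPS.items() if host in members}
    hits = []
    for name, scope, rule_prog, pattern in RULES:
        if rule_prog != prog or (scope is not None and not (scope & groups)):
            continue  # rule is for another program or another host group
        hit = pattern.search(msg)
        if hit:
            # detail is the captured field if the rule has one, else the match
            hits.append((name, host, hit.group(hit.lastindex or 0)))
    return hits

if __name__ == "__main__":
    for sample_line in SAMPLE:
        print(match_line(sample_line))
```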







