Nagios, syslog, splunk
Marc Powell
marc at ena.com
Wed Mar 14 14:57:41 CET 2007
> -----Original Message-----
> From: nagios-users-bounces at lists.sourceforge.net [mailto:nagios-users-
> bounces at lists.sourceforge.net] On Behalf Of Matthew Joyce
> Sent: Wednesday, March 14, 2007 2:00 AM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] Nagios, syslog, splunk
>
>
> I've been playing with Splunk of late, can anyone tell me how I might
> forward Nagios event logs to a remote splunk server ?
Nagios and Splunk have a partnership. I'm surprised that this isn't
documented somewhere.
> Is there a way to configure Nagios to send to two syslog servers, one
> remote ?
I don't use Splunk and I don't log nagios events to syslog but... Why
isn't it as simple as configuring syslog to send the appropriate
facility to multiple locations?
*.info /var/log/messages
*.info @splunk.server.one
*.info @some.other.server
You could probably narrow down the information you're sending to the
remote syslog server by using --
user.info @splunk.server.one
man syslog.conf for more detail.
--
Marc
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list