RSyslog monitoring?

Thomas Guyot-Sionnest dermoth at aei.ca
Mon Apr 12 06:54:37 CEST 2010

Previous message: RSyslog monitoring?
Next message: Plugin fails with epn
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/04/10 06:08 AM, Kevin Keane wrote:
> I would like to find a way to monitor syslog entries using rsyslog 4.4
> rules before they are ever written to a log file. The log parsing
> plugins I found on MonitoringExchange aren?t useful for my purpose.
> 
>  
> 
> I have three main requirements:
> 
> -          I need to have ?negative logic?: I want to provide a list of
> patterns NOT to forward to Nagios ? all unknown log entries should be
> sent to nagios.
> 
> -          It needs to be realtime, or nearly so. Ideally, I?d like to
> use rsyslog rules to classify log messages and forward them to Nagios as
> passive-check results.
> 
> -          It needs to be reasonably high performance. This syslog
> receives quite a few log entries per second (most of which would be
> discarded of course).
> 
>  
> 
> Has anybody else already done something like this?

I wrote one, although it's really implemented toward Windows Event logs
sent to syslog with EvtSys.

http://solaris.beaubien.net/~dermoth/pages/nagios/windows-eventlog.php


A more generic project would be EventDB, although I never tried it.

http://www.nagioswiki.org/wiki/Addon:EventDb

- --
Thomas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFLwqeN6dZ+Kt5BchYRAuffAJ9QOZcHcagSciPUZfYobLbCIXUCoQCg+tlH
Cwq4nirqagA8dA5PBeVWtDw=
=X7bC
-----END PGP SIGNATURE-----

------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: RSyslog monitoring?
Next message: Plugin fails with epn
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list