Odd syslog-ng problem

Blake Dunlap ikiris at gmail.com
Sat May 10 22:00:24 UTC 2014


I use kibana / elasticsearch

-Blake

On Sat, May 10, 2014 at 2:15 PM, Anurag Bhatia <me at anuragbhatia.com> wrote:
> Another off topic (question) - what kind of fronted UI you use with syslog-ng? I see log analyser based on PHP is common. In my tests it worked fine but it’s major issue I saw was that I couldn’t sort all logs based on individual hosts/devices.
>
>
> What kind of open source web UI everyone is using, just wondering?
>
>
>
>
> Thanks.
>
>
>
> On 11-May-2014, at 12:19 am, jamie rishaw <j at arpa.com> wrote:
>
>> Off topic.
>> The issue is with the daemon, not your devices.
>>
>> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>>
>>
>> On Sat, May 10, 2014 at 4:24 AM, Peter Persson <webbax at webbax.se> wrote:
>>> Hey,
>>>
>>> I got a weird problem with my syslog-ng setup, im logging from alot of
>>> cisco machines and that works great.
>>> The problem is that when i "pass" this further to a shell program, some
>>> lines disapere.
>>>
>>> My destination looks like this
>>> destination hosts {
>>>   file("/var/log/ciscorouters/$HOST.log"
>>>   owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes));
>>>   program("/scripts/irc/syslog_wrapper_new.sh" template(t_irctempl));
>>> };
>>> The "/var/log/ciscorouters/$HOST.log" writes correct, but the data thats
>>> putted trough to "/scripts/irc/syslog_wrapper_new.sh" only get the first
>>> line, if it gets flooded (like 5 rows per second).
>>>
>>> Do anyone of you have any idea of what might be the problem?
>>>
>>> Regards,
>>> Peter
>>
>>
>>
>> --
>> jamie rishaw // .com.arpa at j <- reverse it. ish.
>>
>> "...let's consider this world like a family and care about each other..."
>>             -Malala Yousafzai
>
>
>
>
> --
> Anurag Bhatia
> anuragbhatia.com
>



More information about the NANOG mailing list