Hi All,
I have created a text file monitoring job to watch my syslog for drops from the firewall. I checked the log file and it keeps going not supported and I'm not sure why:
Here's the entry from the zabbix_server.log
Here is how I created the key:
log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]
And here is a line from the file /var/log/messages I want to capture:
Nov 22 22:00:13 router kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=XXXXXXXXXXXXXXXXXXXXXXXXXXXX SRC=11.22.33.44DST=99.88.77.66LEN=40 TOS=0x00 PREC=0x00 TTL=87 ID=0 DF PROTO=TCP SPT=443 DPT=51825 WINDOW=0 RES=0x00 RST URGP=0
Is it that I did the date format incorrectly?
MMMpddphh:mm:ss ?
Thanks.
I have created a text file monitoring job to watch my syslog for drops from the firewall. I checked the log file and it keeps going not supported and I'm not sure why:
Here's the entry from the zabbix_server.log
Code:
[root@sentinel zabbix]# more zabbix_server.log | grep messages
2095:20131122:215515.274 send_list_of_active_checks_json() Item 'log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]' was suc cessfully found in the server cache. Sending.
2095:20131122:215515.274 In substitute_key_macros() data:'log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]'
2095:20131122:215515.274 End of substitute_key_macros():SUCCEED data:'log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]'
"key":"log[\"\/var\/log\/messages\",\"WAN_LOCAL-default-D\",\"UTF-8\",100]",
"key":"log[\"\/var\/log\/messages\",\"WAN_LOCAL-default-D\",\"UTF-8\",100]",
2142:20131122:215520.580 item [Zabbix server:log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]] became not supported: ZBX_N OTSUPPORTED
[root@sentinel zabbix]#
log["/var/log/messages","WAN_LOCAL-default-D","UTF-8",100]
And here is a line from the file /var/log/messages I want to capture:
Nov 22 22:00:13 router kernel: [WAN_LOCAL-default-D]IN=eth0 OUT= MAC=XXXXXXXXXXXXXXXXXXXXXXXXXXXX SRC=11.22.33.44DST=99.88.77.66LEN=40 TOS=0x00 PREC=0x00 TTL=87 ID=0 DF PROTO=TCP SPT=443 DPT=51825 WINDOW=0 RES=0x00 RST URGP=0
Is it that I did the date format incorrectly?
MMMpddphh:mm:ss ?
Thanks.
Comment