Ad Widget

Collapse

Juniper syslog zabbix trapper monitoring idea.

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • TheRiderU
    Member
    • May 2018
    • 31
    #1

    Juniper syslog zabbix trapper monitoring idea.

    Hello community,

    I have my Juniper firewall and this device sends me a syslog report to any server i want, it don't exist a syslog file on the juniper itself.
    So i need to monitor this syslog report for specific word patterns.
    so how can i do that? anyone have an idea?
    my idea was that i send the syslog report to a Zabbix server and then monitor it with zabbix_agent(active) with log[] or logrt[].
    Tags: None
    • kernbug
      Senior Member
      • Feb 2013
      • 330
      #2
      Originally posted by TheRiderU
      Hello community,

      I have my Juniper firewall and this device sends me a syslog report to any server i want, it don't exist a syslog file on the juniper itself.
      So i need to monitor this syslog report for specific word patterns.
      so how can i do that? anyone have an idea?
      my idea was that i send the syslog report to a Zabbix server and then monitor it with zabbix_agent(active) with log[] or logrt[].
      Hi

      Install and configure syslogd/syslog-ng/etc on Zabbix Server to receive syslog from Juniper hosts. And you will be able to monitor log files from Zabbix.

        Comment

        • TheRiderU
          Member
          • May 2018
          • 31
          #3
          Originally posted by kernbug

          Hi

          Install and configure syslogd/syslog-ng/etc on Zabbix Server to receive syslog from Juniper hosts. And you will be able to monitor log files from Zabbix.
          and the item or trigger will look like what? wich type i need to choose?

            Comment

            • kloczek
              Senior Member
              • Jun 2006
              • 1771
              #4
              Originally posted by TheRiderU
              Hello community,

              I have my Juniper firewall and this device sends me a syslog report to any server i want, it don't exist a syslog file on the juniper itself.
              Bettrer would be switch to use SNMP traps.
              http://uk.linkedin.com/pub/tomasz-k%...zko/6/940/430/
              https://kloczek.wordpress.com/
              zapish - Zabbix API SHell binding https://github.com/kloczek/zapish
              My zabbix templates https://github.com/kloczek/zabbix-templates

                Comment

                • kernbug
                  Senior Member
                  • Feb 2013
                  • 330
                  #5
                  Originally posted by kloczek
                  Bettrer would be switch to use SNMP traps.
                  In all cases it's not bad to have logs from network devices.

                    Comment

                    • TheRiderU
                      Member
                      • May 2018
                      • 31
                      #6
                      Originally posted by kernbug

                      In all cases it's not bad to have logs from network devices.
                      So how can i filter the logs with the Zabbix items or triggers. wich type i need to choose?

                        Comment

                        • kernbug
                          Senior Member
                          • Feb 2013
                          • 330
                          #7
                          Originally posted by TheRiderU

                          So how can i filter the logs with the Zabbix items or triggers. wich type i need to choose?
                          kloczek is right, you need to use SNMP checks/traps. Syslog logs are useful in case of problem analysis.

                          3 SNMP traps
                          https://www.zabbix.com/documentation/3.4/manual/config/items/itemtypes/snmptrap
                          Last edited by kernbug; 14-06-2018, 06:25.

                            Comment

                            Previous template Next
                            Working...