syslog-ng and zabbix log

karol

Junior Member

Joined: May 2013

Posts: 4
#1

syslog-ng and zabbix log

01-06-2014, 07:56

Hi all,
currently I use syslog-ng to collect log messages from cisco devices. Everything goes into /var/log/cisco.log and zabbix transport text into frontend by log monitoring function. When I am interested on specyfic device I must put IP address and after this I can watch logs on interested machine. Is known solution how to add hostname from fronted and make search with hostname as a search key?

now:
Timestamp Local time Value
2014.Jun.01 06:33:08 Jun 1 06:33:02 10.156.2.XX 000452: Jun 1 04:33:01.707: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

slolution:
2014.Jun.01 06:33:08 Jun 1 06:33:02 West-Station 000452: Jun 1 04:33:01.707: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
Tags: None
gleepwurp

Senior Member

Joined: Mar 2014

Posts: 119
#2

05-06-2014, 05:45

Hi Karol,

I'd guess you need to configure syslog-ng to resolve your hostnames... You would need to put in the IP-address/hostname association in /etc/hosts, and add the following in your syslog-ng.conf file:

Code:

# Resolve hostname locally - persist_only wants to resolve hostname locally use_dns(persist_only); dns_cache_hosts(/etc/hosts)

This should put in your resolved hostname instead of the IP address in your global log.

You can look here for additional details: http://www.googlux.com/syslog-ng_conf_server.html

Gleepwurp.
Comment

Ad Widget

syslog-ng and zabbix log

syslog-ng and zabbix log

Comment