log permission problem

Your problem with the linux client is most likely due to insufficient privileges. the user zabbix must be able to have read access to the log files you with to monitor.

Thanks for the reply... I will check the permissions. I have a knack for usually missing the obvious thing.

Syntax

I have checked the permissions on the log files and the zabbix user has read permissions to it. If possible can anybody post the correct syntax for creating items to check the log files for unix and window. It would be a great help.

Perhaps try changing your key from: [log[/var/log/syslog]]

to: log[/var/log/syslog]

My settings are otherwise identical and it works.

You may also want to make sure that zabbix has at least execute, or read execute privileges on /var and /var/log subdirectories or else the zabbix agent will still be unable to retrieve the logs

- Paul

Thanks

thanks for the information paul... I will try it out.

Still no luck

I have checked the permissions on the log files in linux, and tried everything that was suggested but still no luck. Has anybody got this to work in zabbix?

Yes, it works for me.

What is the content of the log file you are trying to monitor?

I've noticed that it works on my /var/log/messages file, but it fails on my tomcat/catalina.out log files.

I expect it has something to do with the format of the log files and whether the agent is capable of determining the timestamp of the log messages.

Can you test it on another log file that has timestamps with every line?

- Paul

I am experiencing the same problems.. And user zabbix has permissions to read the file, that is why I don't understand why it dows not check the file and update it on the server.

Any ideas? Could you post your server and cliente config files to see if I am doing anything wrong?

Thanks in advance,

Jose Simoes

My Server and Agent Log files

I took out the comments and some database related information, but this is what my server and agent conf files look like. I havent had any luck with monitoring Unix/Linux system logs as of yet but I can monitor windows logs. the only problem is once you clear out the system eventlog on a server being monitored it stops sending any updated log messages to Zabbix, I am not sure what might be causing that.

zabbix_server.conf
-------------------------------
Server=1
StartPollers=6
StartTrappers=5


#ListenIP=127.0.0.1

ListenPort=10051
HousekeepingFrequency=1
SenderFrequency=30
#DisableHousekeeping=1

DebugLevel=3
Timeout=5
#UnreachablePeriod=45
#UnavailableDelay=15
#UnavailableDelay=60
PidFile=/var/tmp/zabbix_server.pid
LogFile=/tmp/zabbix_server.log
AlertScriptsPath=/home/zabbix/bin/

#FpingLocation=/usr/sbin/fping
#PingerFrequency=30
# Default is localhost
#DBHost=localhost
# Database name

zabbix_agentd.conf
-------------------------------
Server=127.0.0.1
Hostname=localhost
#ListenPort=10050
#ListenIP=127.0.0.1
StartAgents=5
#RefreshActiveChecks=120
#DisableActive=1
#EnableRemoteCommands=1
DebugLevel=3
PidFile=/var/tmp/zabbix_agentd.pid
LogFile=/tmp/zabbix_agentd.log
Timeout=3
####### USER-DEFINED MONITORED PARAMETERS #######
# Format: UserParameter=<key>,<shell command>
# Note that shell command must not return empty string or EOL only
#UserParameter=system.test,who|wc -l
### Set of parameter for monitoring MySQL server (v3.23.42 and later)
### Change -u<username> and add -p<password> if required
#UserParameter=mysql.ping,mysqladmin -uroot ping|grep alive|wc -l
#UserParameter=mysql.uptime,mysqladmin -uroot status|cut -f2 -d":"|cut -f1 -d"T"
#UserParameter=mysql.threads,mysqladmin -uroot status|cut -f3 -d":"|cut -f1 -d"Q"
#UserParameter=mysql.questions,mysqladmin -uroot status|cut -f4 -d":"|cut -f1 -d"S"
#UserParameter=mysql.slowqueries,mysqladmin -uroot status|cut -f5 -d":"|cut -f1 -d"O"
#UserParameter=mysql.qps,mysqladmin -uroot status|cut -f9 -d":"
#UserParameter=mysql.version,mysql -V