monitoring multiple log files on a single syslog server
usa ims
usaims at yahoo.com
Mon Dec 29 19:29:42 CET 2014
Greetings,
I'm monitoring multiple log files on a single syslog server.
I have a syslog server that stores the apache error logs in a server named ‘syslogserver’ looking for the word ‘CurlTransfer’.
When xymon finds the word ‘CurlTransfer’ it sends an alert but it alerts that it is coming from ‘syslogserver’ and the guys are complaining that ‘nongreen.html’ is reporting the servername rather than the actual name of the server where the error originated from.
Is there a way if xymon finds the word ‘CurlTransfer’ in ‘/opt/syslogs/Server09/apache2.error.log’, to get it to report in the ‘msgs’ column that it came from ‘Server09’?
Here is my current config for this.
[syslogserver]
log:/opt/syslogs/Server09/apache2.error.log:4096
log:/opt/syslogs/Server10/apache2.error.log:4096
log:/opt/syslogs/Server11/apache2.error.log:4096
log:/opt/syslogs/Server12/apache2.error.log:4096
log:/opt/syslogs/Server13/apache2.error.log:4096
I have configured my analysis.cfg with:
HOST= syslogserver
LOG /opt/syslogs/Server09/apache2.error.log CurlTransfer COLOR=red
LOG /opt/syslogs/Server10/apache2.error.log CurlTransfer COLOR=red
LOG /opt/syslogs/Server11/apache2.error.log CurlTransfer COLOR=red
LOG /opt/syslogs/Server12/apache2.error.log CurlTransfer COLOR=red
LOG /opt/syslogs/Server13/apache2.error.log CurlTransfer COLOR=red
Thanks in advance.
usaims
More information about the Xymon
mailing list