4.3.21 Monitoring log files
usaims at yahoo.com
Fri Aug 14 21:19:34 CEST 2015
I'll try not to span this time.
I just installed '4.3.21' server on a Raspberry Pi Debian.
Additionally, I just compiled '4.3.21' as a client on a Raspberry Pi Debian.
Xymon is going to be used to monitor one server, a network intrusion software called snort.
I'm going to monitor one log file which has all the detected alerts. If an alert comes in, I want Xymon to be red.
So, I went to the xymon server and modified the 'client-local.cfg':
'snort' is the name of the sniffer server and I only want to monitor '/var/log/snort/alert' file.
Then I went to the 'analysis.cfg' on the xymon server and added:
LOG /var/log/snort/alert ERROR COLOR=red
I waited 20 minutes and I'm getting:
No log data available
The client did not report any logfile data
I do see green happy faces on conn, disk, info, memory but 'msgs' is white.
I had this working on a very old version of 'xymon' a while ago but this is the first time I'm using the latest and greatest.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon