Not Comsuming Syslog Messages

-bash-4.2$ ./validate.php
====================================
Component | Version
--------- | -------
LibreNMS  | 1.65-46-g5a45060
DB Schema | 2020_06_23_00522_alter_availability_perc_column (170)
PHP       | 7.3.20
Python    | 3.6.8
MySQL     | 5.5.65-MariaDB
RRDTool   | 1.4.8
SNMP      | NET-SNMP 5.7.2
====================================

I just installed LibreNMS on CentOS 7. Everything is good with the ./validate.php. I have rsyslog set up and Syslog messages are being populated into the correct log file. I have turned off the firewall and selinux. I have validated DNS with forward and reverse lookups. I have also reboot the VMs.

The issue is that Syslog messages are making into LibreNMS VM but are not being forwarded from rsyslog to LibreNMS. The VM that hosts LibreNMS does have its Syslog messages forwarded but not any other VM. One more symptom I see is that the Event View has not pulled any messages from the VM for the last 2 days. There has not been any network changes in the past few days either.

/opt/librenms/syslog.php is the same as what is on here

“/opt/librenms/config.php”
### Enable Syslog
$config[‘enable_syslog’] = 1;
$config[‘syslog_purge’] = 30;

Any help would be appreciated, thanks.

After a lot of poking around, I uncommented the logfile($line); line in /opt/librenms/syslog.php and saw my Rsyslog entries coming into LibreNMS. Rsyslog is using the short name. In the /opt/librenms/logs/librenms.log file, I noticed the entries being ported from Rsyslog had the FQDN instead of the short name. In a previous setup of LibreNMS, this was not the case.

I ended up deleted all my devices and then adding them with the FQDN which solved my issues.

1 Like

There is a rename option too :wink: