Hi guys, I already integrated rsyslog on my lnms platform.
This is working ok and im recibing messages on upd port 514 , and can see them on my lnms.
Problem is that rsyslog is also exporting system messages to librenms db , so:
How should I set rsyslog config to avoid exporting local system meesages to librenms ?
Just want to import remote log messages.
btw:
Im also looking into rsyslog documentation.
Thanks.
Ok , have some update on this:
Lets supose I want to trigger login on lnms only for certain host , I can do on (/etc/rsyslog.d/30-librenms.conf):
module(load="omprog")
template(name="librenms"
type="string"
string= "%fromhost%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timegenerated:8:25%||%msg%||%programname%\n")
if $fromhost-ip == "172.30.6.100" then {
action(type="omprog"
binary="/opt/librenms/syslog.php"
template="librenms")
}
& stop
This seems to be working , now , local logs are not present in lnms but have some error messages:
error during parsing file /etc/rsyslog.d/30-librenms.conf, on or before line 14: syntax error on token '&' [v8.24.0-57.el7_9 try http://www.rsyslog.com/e/2207 ]
I need to change the “$fromhost-ip == [ip]” for something like “$fromhost-ip != 127.0.0.1”
but can not make this work.
Hope someone can helpme to achieve this.
Regards.
Leandro.
ok , I got it!!!
This is working: (inserting following before the *. info;mail bla bla , (provided line) in rsyslogd.conf.
module(load=“omprog”)
template(name=“librenms”
type=“string”
string= “%fromhost%||%syslogfacility%||%syslogpriority%||%syslogseverity%||%syslogtag%||%$year%-%$month%-%$day% %timegenerated:8:25%||%msg%||%programname%\n”)if $fromhost-ip != ‘127.0.0.1’ then {
action(type="omprog" binary="/opt/librenms/syslog.php" template="librenms") stop }*.info;mail.none;authpriv.none;cron.none /var/log/messages
Hope it helps someone.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.