Syslog monitor addon beta

General discussion about Plugins for Cacti

Moderators: Moderators, Developers

Post Reply
Author
Message
bidzer
Posts: 30
Joined: Tue Jun 20, 2006 12:49 pm

IP to Hostname?

#271 Post by bidzer » Fri Mar 28, 2008 12:53 pm

Is there anyway to have syslog translate the IP when a syslog message is received? Is it possible to use the hosts table? I don't see any way of doing this. Any help is greatly appreciated!!!

spoonman
Cacti User
Posts: 299
Joined: Tue May 03, 2005 8:54 am
Location: GA

#272 Post by spoonman » Fri Mar 28, 2008 1:22 pm

If your using Syslog-ng >>>
Syslog-ng.conf
-----------------

options {
sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (off);
use_dns (no); <<<< change to yes and restart service
use_fqdn (no);
create_dirs (no);
keep_hostname (yes);
};

bidzer
Posts: 30
Joined: Tue Jun 20, 2006 12:49 pm

IP address not registered

#273 Post by bidzer » Fri Mar 28, 2008 1:34 pm

Thanks for your reply!!!

I'm using the loopback interfaces as the source interfaces and those aren't in DNS. I have a hosts file on the box. Can I point syslog-ng to query the host table?

spoonman
Cacti User
Posts: 299
Joined: Tue May 03, 2005 8:54 am
Location: GA

#274 Post by spoonman » Fri Mar 28, 2008 1:43 pm

Sounds like that's your only option...hosts file.

bidzer
Posts: 30
Joined: Tue Jun 20, 2006 12:49 pm

#275 Post by bidzer » Fri Mar 28, 2008 1:55 pm

I don't see any option to do it unless maybe there's a hack around.

bidzer
Posts: 30
Joined: Tue Jun 20, 2006 12:49 pm

Working!!!!

#276 Post by bidzer » Fri Mar 28, 2008 2:09 pm

I finally got it to work. I had to add these 3 lines to my syslog-ng.conf file:

options {
use_dns(yes);
dns_cache(yes);
dns_cache_size(200);

This is awesome!!

User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

#277 Post by bmarofsky » Thu Apr 03, 2008 10:40 am

I am having trouble getting the colors of the highlighting to show.
I have this in my config.php in the syslog plugin directory:

// Background colors, change/add/delete to suit
// Not all these are necessary, they are according to the messages in your DB
$syslog_colors['Emerg'] = 'FF0000';
$syslog_colors['Critical'] = 'FFD700';
$syslog_colors['Notice'] = '0000FF';
$syslog_colors['Info'] = '7FFF00';
$syslog_colors['Debug'] = '808080';

$syslog_colors['alert'] = 'FF8C00';
$syslog_colors['err'] = 'A52A2A';
$syslog_colors['crit'] = 'FFD700';
$syslog_colors['warn'] = '9932CC';
$syslog_colors['notice'] = '0000FF';
$syslog_colors['info'] = '7FFF00';
$syslog_colors['debug'] = '808080';

Does the text in ' ' need to match exactly with the text in the priority field of my database or can I use wild cards?

Thanks,
Brian

Cacti Version 0.8.7g
Plugin Architecture 2.8
Poller Type Cactid v
Server Info Linux 2.6.9-89.29.1.plus.c4
Web Server Apache/2.0.63 (CentOS)
PHP Version 5.1.6
MySQL Version 5.0.82sp1
RRDTool Version 1.2.23
SNMP Version 5.1.2
Plugins:
Global Plugin Settings (settings - v0.7)
Cycle Graphs (Cycle Graphs - v0.7+)
Thresholds (thold - v0.4.2)
Create Aggregate Graphs (aggregate - v0.75)
Device Monitoring (monitor - v1.2)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Host Info (hostinfo - v0.2)
Error Images (errorimage - v0.1)
Cacti-ReportIt (reportit - v0.7.2)
WMI Query (wmi - v0.1)
Realtime Graph Viewer (realtime - v0.42)
Watermark (watermark - v0.1)

User avatar
TheWitness
Developer
Posts: 14817
Joined: Tue May 14, 2002 5:08 pm
Location: MI, USA
Contact:

#278 Post by TheWitness » Thu Apr 03, 2008 11:01 pm

Brian,

With Jimmy's assistance, there is something nice cooking up in the Cacti Group's SVN at the moment. I will add this to the list of enhancements.

To answer your question, my guess is that it's pretty stupid.

TheWitness
True understanding begins only when we realize how little we truly understand...

Life is an adventure, let yours begin with Cacti!

Author of MacTrack, Boost, CLog, SpikeKill, Platform RTM, DSStats, maintainer of Spine, lot's of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Central Plugin Repository
Central Templates Repository


I'm still out there people. Getting excited for Cacti 1.2. I think it will be a great release.

User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

#279 Post by bmarofsky » Fri Apr 04, 2008 5:41 am

I'm a little groggy in the AM. So what does that mean? Is the highlighting a feature that does or does not work?
TheWitness wrote:Brian,

With Jimmy's assistance, there is something nice cooking up in the Cacti Group's SVN at the moment. I will add this to the list of enhancements.

To answer your question, my guess is that it's pretty stupid.

TheWitness
Brian

Cacti Version 0.8.7g
Plugin Architecture 2.8
Poller Type Cactid v
Server Info Linux 2.6.9-89.29.1.plus.c4
Web Server Apache/2.0.63 (CentOS)
PHP Version 5.1.6
MySQL Version 5.0.82sp1
RRDTool Version 1.2.23
SNMP Version 5.1.2
Plugins:
Global Plugin Settings (settings - v0.7)
Cycle Graphs (Cycle Graphs - v0.7+)
Thresholds (thold - v0.4.2)
Create Aggregate Graphs (aggregate - v0.75)
Device Monitoring (monitor - v1.2)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Host Info (hostinfo - v0.2)
Error Images (errorimage - v0.1)
Cacti-ReportIt (reportit - v0.7.2)
WMI Query (wmi - v0.1)
Realtime Graph Viewer (realtime - v0.42)
Watermark (watermark - v0.1)

noflies
Cacti User
Posts: 83
Joined: Sun Dec 18, 2005 9:30 am

#280 Post by noflies » Fri Apr 04, 2008 6:37 am

It currently needs to match.
In my infinite lazyness, I created this SNIPPET for my <cacti_path>/plugins/syslog/config.php

Code: Select all

//  Background colors, change/add/delete to suit
//  Not all these are necessary, they are according to the messages in your DB
$syslog_colors["Emerg"]                 = "FF0000";
$syslog_colors["emerg"]                 = "FF0000";
$syslog_colors["Emergency"]             = "FF0000";
$syslog_colors["emergency"]             = "FF0000";
$syslog_colors["Alert"]                 = "FF0000";
$syslog_colors["alert"]                 = "FF0000";
$syslog_colors["Crit"]                  = "EACC00";
$syslog_colors["crit"]                  = "EACC00";
$syslog_colors["Critical"]              = "EACC00";
$syslog_colors["critical"]              = "EACC00";
$syslog_colors["Err"]                   = "F5F800";
$syslog_colors["err"]                   = "F5F800";
$syslog_colors["Error"]                 = "F5F800";
$syslog_colors["error"]                 = "F5F800";
$syslog_colors["Warn"]                  = "0000FF";
$syslog_colors["warn"]                  = "0000FF";
$syslog_colors["Warning"]               = "0000FF";
$syslog_colors["warning"]               = "0000FF";
$syslog_colors["Notice"]                = "00FF00";
$syslog_colors["notice"]                = "00FF00";
$syslog_colors["Info"]                  = "CDCFC4";
$syslog_colors["info"]                  = "CDCFC4";
$syslog_colors["Debug"]                 = "FFFFFF";
$syslog_colors["debug"]                 = "FFFFFF";

//  Font Text colors (defaults to 000000)
$syslog_text_colors['Emerg']            = 'FFFFFF';
$syslog_text_colors['emerg']            = 'FFFFFF';
$syslog_text_colors['Emergency']        = 'FFFFFF';
$syslog_text_colors['emergency']        = 'FFFFFF';
$syslog_text_colors['Alert']            = 'FFFFFF';
$syslog_text_colors['alert']            = 'FFFFFF';
$syslog_text_colors['Crit']             = '';
$syslog_text_colors['crit']             = '';
$syslog_text_colors['Critical']         = '';
$syslog_text_colors['critical']         = '';
$syslog_text_colors['Err']              = '';
$syslog_text_colors['err']              = '';
$syslog_text_colors['Error']            = '';
$syslog_text_colors['error']            = '';
$syslog_text_colors['Warn']             = 'FFFFFF';
$syslog_text_colors['warn']             = 'FFFFFF';
$syslog_text_colors['Warning']          = 'FFFFFF';
$syslog_text_colors['warning']          = 'FFFFFF';
$syslog_text_colors['Notice']           = '';
$syslog_text_colors['notice']           = '';
$syslog_text_colors['Info']             = '';
$syslog_text_colors['info']             = '';
$syslog_text_colors['Debug']            = '000000';
$syslog_text_colors['debug']            = '000000';
[/code]

User avatar
TheWitness
Developer
Posts: 14817
Joined: Tue May 14, 2002 5:08 pm
Location: MI, USA
Contact:

#281 Post by TheWitness » Fri Apr 04, 2008 6:38 am

This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness
True understanding begins only when we realize how little we truly understand...

Life is an adventure, let yours begin with Cacti!

Author of MacTrack, Boost, CLog, SpikeKill, Platform RTM, DSStats, maintainer of Spine, lot's of unpublished work and most of Cacti's bugs.
_________________
Official Cacti Documentation
GitHub Repository with Supported Plugins
Central Plugin Repository
Central Templates Repository


I'm still out there people. Getting excited for Cacti 1.2. I think it will be a great release.

User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

#282 Post by bmarofsky » Fri Apr 04, 2008 7:03 am

I tried yours and it didn't work either.

Could the problem be that the LEVEL column is displaying a combined Facility.Level value?


noflies wrote:It currently needs to match.
In my infinite lazyness, I created this SNIPPET for my <cacti_path>/plugins/syslog/config.php

Code: Select all

//  Background colors, change/add/delete to suit
//  Not all these are necessary, they are according to the messages in your DB
$syslog_colors["Emerg"]                 = "FF0000";
$syslog_colors["emerg"]                 = "FF0000";
$syslog_colors["Emergency"]             = "FF0000";
$syslog_colors["emergency"]             = "FF0000";
$syslog_colors["Alert"]                 = "FF0000";
$syslog_colors["alert"]                 = "FF0000";
$syslog_colors["Crit"]                  = "EACC00";
$syslog_colors["crit"]                  = "EACC00";
$syslog_colors["Critical"]              = "EACC00";
$syslog_colors["critical"]              = "EACC00";
$syslog_colors["Err"]                   = "F5F800";
$syslog_colors["err"]                   = "F5F800";
$syslog_colors["Error"]                 = "F5F800";
$syslog_colors["error"]                 = "F5F800";
$syslog_colors["Warn"]                  = "0000FF";
$syslog_colors["warn"]                  = "0000FF";
$syslog_colors["Warning"]               = "0000FF";
$syslog_colors["warning"]               = "0000FF";
$syslog_colors["Notice"]                = "00FF00";
$syslog_colors["notice"]                = "00FF00";
$syslog_colors["Info"]                  = "CDCFC4";
$syslog_colors["info"]                  = "CDCFC4";
$syslog_colors["Debug"]                 = "FFFFFF";
$syslog_colors["debug"]                 = "FFFFFF";

//  Font Text colors (defaults to 000000)
$syslog_text_colors['Emerg']            = 'FFFFFF';
$syslog_text_colors['emerg']            = 'FFFFFF';
$syslog_text_colors['Emergency']        = 'FFFFFF';
$syslog_text_colors['emergency']        = 'FFFFFF';
$syslog_text_colors['Alert']            = 'FFFFFF';
$syslog_text_colors['alert']            = 'FFFFFF';
$syslog_text_colors['Crit']             = '';
$syslog_text_colors['crit']             = '';
$syslog_text_colors['Critical']         = '';
$syslog_text_colors['critical']         = '';
$syslog_text_colors['Err']              = '';
$syslog_text_colors['err']              = '';
$syslog_text_colors['Error']            = '';
$syslog_text_colors['error']            = '';
$syslog_text_colors['Warn']             = 'FFFFFF';
$syslog_text_colors['warn']             = 'FFFFFF';
$syslog_text_colors['Warning']          = 'FFFFFF';
$syslog_text_colors['warning']          = 'FFFFFF';
$syslog_text_colors['Notice']           = '';
$syslog_text_colors['notice']           = '';
$syslog_text_colors['Info']             = '';
$syslog_text_colors['info']             = '';
$syslog_text_colors['Debug']            = '000000';
$syslog_text_colors['debug']            = '000000';
[/code]
Attachments
marofskySyslog.doc
(309.5 KiB) Downloaded 359 times
Brian

Cacti Version 0.8.7g
Plugin Architecture 2.8
Poller Type Cactid v
Server Info Linux 2.6.9-89.29.1.plus.c4
Web Server Apache/2.0.63 (CentOS)
PHP Version 5.1.6
MySQL Version 5.0.82sp1
RRDTool Version 1.2.23
SNMP Version 5.1.2
Plugins:
Global Plugin Settings (settings - v0.7)
Cycle Graphs (Cycle Graphs - v0.7+)
Thresholds (thold - v0.4.2)
Create Aggregate Graphs (aggregate - v0.75)
Device Monitoring (monitor - v1.2)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Host Info (hostinfo - v0.2)
Error Images (errorimage - v0.1)
Cacti-ReportIt (reportit - v0.7.2)
WMI Query (wmi - v0.1)
Realtime Graph Viewer (realtime - v0.42)
Watermark (watermark - v0.1)

User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

#283 Post by bmarofsky » Fri Apr 04, 2008 8:15 am

TheWitness wrote:This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness
OK, it appears to have been working (as per a post on page 1 or 2). Maybe that was a previous version.

I would really like to see this feature in action.
Brian

Cacti Version 0.8.7g
Plugin Architecture 2.8
Poller Type Cactid v
Server Info Linux 2.6.9-89.29.1.plus.c4
Web Server Apache/2.0.63 (CentOS)
PHP Version 5.1.6
MySQL Version 5.0.82sp1
RRDTool Version 1.2.23
SNMP Version 5.1.2
Plugins:
Global Plugin Settings (settings - v0.7)
Cycle Graphs (Cycle Graphs - v0.7+)
Thresholds (thold - v0.4.2)
Create Aggregate Graphs (aggregate - v0.75)
Device Monitoring (monitor - v1.2)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Host Info (hostinfo - v0.2)
Error Images (errorimage - v0.1)
Cacti-ReportIt (reportit - v0.7.2)
WMI Query (wmi - v0.1)
Realtime Graph Viewer (realtime - v0.42)
Watermark (watermark - v0.1)

User avatar
bmarofsky
Posts: 49
Joined: Tue Aug 28, 2007 8:35 am
Location: Southington, CT

#284 Post by bmarofsky » Sun Apr 06, 2008 3:33 pm

I got it! Kiwi's mapping was wrong. I had priority mapped to priority instead of level.

Looks great!

bmarofsky wrote:
TheWitness wrote:This should be controlled either through CSS, or via a user interface. That's what I was talking about.

TheWitness
OK, it appears to have been working (as per a post on page 1 or 2). Maybe that was a previous version.

I would really like to see this feature in action.
Brian

Cacti Version 0.8.7g
Plugin Architecture 2.8
Poller Type Cactid v
Server Info Linux 2.6.9-89.29.1.plus.c4
Web Server Apache/2.0.63 (CentOS)
PHP Version 5.1.6
MySQL Version 5.0.82sp1
RRDTool Version 1.2.23
SNMP Version 5.1.2
Plugins:
Global Plugin Settings (settings - v0.7)
Cycle Graphs (Cycle Graphs - v0.7+)
Thresholds (thold - v0.4.2)
Create Aggregate Graphs (aggregate - v0.75)
Device Monitoring (monitor - v1.2)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Host Info (hostinfo - v0.2)
Error Images (errorimage - v0.1)
Cacti-ReportIt (reportit - v0.7.2)
WMI Query (wmi - v0.1)
Realtime Graph Viewer (realtime - v0.42)
Watermark (watermark - v0.1)

mcutting
Cacti Guru User
Posts: 1874
Joined: Mon Oct 16, 2006 5:57 am
Location: United Kingdom
Contact:

#285 Post by mcutting » Tue May 20, 2008 11:41 am

Hi bmarofsky,

Could you explain your mapping settings in KIWI please ?

Thanks
Cacti Version 0.8.8b
Cacti OS Ubuntu LTS
RRDTool Version RRDTool 1.4.7
Poller Information
Type SPINE 0.8.8b

Post Reply