Output armonitor.log to syslog
Just taken onboard Splunk to read syslog messages sent from all servers. Wonderfully we pick up messages sent to arerror.log which we can alert against, but am wishing to also monitor the armonitor.log. Has anyone been able to send the output of armonitor.log to syslog in a Linux environment? ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are
Re: Output armonitor.log to syslog
Simon, Is there a reason you don't simply have Splunk configured to monitor the armonitor.log itself? You may need to create some custom filtering to get it readable, but I don't think that takes too long, if you've got a decent Splunk developer/admin. Good luck! Matt -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Simon Ellis Sent: Thursday, November 08, 2012 1:55 PM To: arslist@ARSLIST.ORG Subject: Output armonitor.log to syslog Just taken onboard Splunk to read syslog messages sent from all servers. Wonderfully we pick up messages sent to arerror.log which we can alert against, but am wishing to also monitor the armonitor.log. Has anyone been able to send the output of armonitor.log to syslog in a Linux environment? ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are
Re: Output armonitor.log to syslog
Hi Matt, I tried that tact with them, but they seemed adamant they wanted armonitor.log to output to syslog. -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Matt Reinfeldt Sent: Friday, 9 November 2012 9:18 a.m. To: arslist@ARSLIST.ORG Subject: Re: Output armonitor.log to syslog Simon, Is there a reason you don't simply have Splunk configured to monitor the armonitor.log itself? You may need to create some custom filtering to get it readable, but I don't think that takes too long, if you've got a decent Splunk developer/admin. Good luck! Matt -Original Message- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Simon Ellis Sent: Thursday, November 08, 2012 1:55 PM To: arslist@ARSLIST.ORG Subject: Output armonitor.log to syslog Just taken onboard Splunk to read syslog messages sent from all servers. Wonderfully we pick up messages sent to arerror.log which we can alert against, but am wishing to also monitor the armonitor.log. Has anyone been able to send the output of armonitor.log to syslog in a Linux environment? ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: Where the Answers Are
