If I'm reading this right you're saying that you did Rsyslog->Elasticsearch->gui?
I've tried installing the rpm on centos and it installs but apparently it
doesn't come with a config file and so the daemon starts it errors out in the
logs and just shuts down after that.
-Original Message--
On Tue, 8 Apr 2014, Mike Hoskins (michoski) wrote:
-Original Message-
From: Orangepeel Beef
Reply-To: rsyslog-users
Date: Tuesday, April 8, 2014 at 2:24 PM
To: rsyslog-users
Subject: Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server
imho you want to go the redis route wh
On Tue, 8 Apr 2014, Oliver Bestwalter wrote:
Hi David,
On 7 April 2014 21:31, David Lang wrote:
On Mon, 7 Apr 2014, Oliver Bestwalter wrote:
Hi David,
On 7 April 2014 19:07, David Lang wrote:
write a log with the format RSYSLOG_DebugFormat and you will see the
rawlog that rsyslog r
On Tue, 8 Apr 2014, Rainer Gerhards wrote:
Hi all,
while I think it is nice to have a toc functionality inside the new doc,
the current structure does not look very appealing to me. Probably a core
problem is that we try to squeeze in the existing content and build the toc
out of it.
Wouldn't i
-Original Message-
From: David Lang
Reply-To: rsyslog-users
Date: Tuesday, April 8, 2014 at 2:53 PM
To: rsyslog-users
Subject: Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server
>On Tue, 8 Apr 2014, Rick Brown wrote:
>
>> Today I've setup my central rsyslog server to replay t
-Original Message-
From: Orangepeel Beef
Reply-To: rsyslog-users
Date: Tuesday, April 8, 2014 at 2:24 PM
To: rsyslog-users
Subject: Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server
>imho you want to go the redis route when you need multiple indexers to
>read
>the same strea
- Original Message -
> From: "David Lang"
> To: "rsyslog-users"
> Sent: Tuesday, April 8, 2014 2:53:24 PM
> Subject: Re: [rsyslog] Rsyslog w/ logstash-elasticsearch-kibana server
>
> On Tue, 8 Apr 2014, Rick Brown wrote:
>
> > Today I've setup my central rsyslog server to replay the log
On Tue, 8 Apr 2014, Rick Brown wrote:
Today I've setup my central rsyslog server to replay the logs via omudpspoof
to a logstash server -> ES. It's already indexing about twice as much as just
rsyslog -> ES was using the recipe in the first link below, and I haven't even
begun to dig into the
Well, logstash can listen on TCP or UDP port 514, or it can read from a file,
either one is a good mechanism to use to get logs to logstash
On the other hand, you may want to look and see if you can get rsyslog to do
what you have been using logstash to do, eliminating one moving part is usual
Hey David,
Yeah I'm wanting rsyslog to deliver logs to logstash. I have used rsyslog with
splunk and since splunk is ungodly expensive. I'm having to come up with an
opensource solution for indexing/searchable logs.
-Original Message-
From: rsyslog-boun...@lists.adiscon.com
[mailto:rs
On Tue, 8 Apr 2014, Josh Bitto wrote:
Hello Everyone,
I'm wanting to setup a syslog server that combines the three programs listed
above with rsyslog. Has anyone had any success using this? I'm running on a
CentOS 6.5 and finding adequate instructions on how to not only setup all three
PLUS
Today I've setup my central rsyslog server to replay the logs via omudpspoof to
a logstash server -> ES. It's already indexing about twice as much as just
rsyslog -> ES was using the recipe in the first link below, and I haven't even
begun to dig into the scads of plugins available for logstash
imho you want to go the redis route when you need multiple indexers to read
the same stream of data. my rsyslog collectors are also my logstash
indexers, so no need for the intermediary layer.
or, when you can't get syslog data directly and need redis to distribute
your data to logstash from anyw
it works, but I find it overly complex for my environment. read: I don't
need it ;)
On Apr 8, 2014 11:13 AM, "Josh Bitto" wrote:
> I have read about Redis as being the "broker" thoughts?
>
>
>
> -Original Message-
> From: rsyslog-boun...@lists.adiscon.com [mailto:
> rsyslog-boun...@list
I have read about Redis as being the "broker" thoughts?
-Original Message-
From: rsyslog-boun...@lists.adiscon.com
[mailto:rsyslog-boun...@lists.adiscon.com] On Behalf Of Orangepeel Beef
Sent: Tuesday, April 08, 2014 11:11 AM
To: rsyslog-users
Subject: Re: [rsyslog] Rsyslog w/ logstash-
I use rsyslog to pipe into sec, and then use logstash file input to index.
could be done without SEC as well. I don't like delivering syslog right
into logstash.
On Apr 8, 2014 11:09 AM, "Sphonic" wrote:
> I use rsyslog to send all items to logstash which has a syslog listener
> enabled.
>
> Sen
I use rsyslog to send all items to logstash which has a syslog listener
enabled.
Sent from my iPhone
> On 8 Apr 2014, at 18:05, Josh Bitto wrote:
>
> Hello Everyone,
>
> I'm wanting to setup a syslog server that combines the three programs listed
> above with rsyslog. Has anyone had any suc
On Tue, 8 Apr 2014, Rick Brown wrote:
- Original Message -
From: "Rainer Gerhards"
On Tue, Apr 8, 2014 at 1:53 AM, Mike Hoskins (michoski)
wrote:
-Original Message-
From: Andre Lorbach
Reply-To: "alorb...@adiscon.com" ,
rsyslog-users
Date: Monday, April 7, 2014 at 10:19 AM
Given that you are compiling this yourself, can you move to the current
community supported version (8.2)?
5.10 is quite old. If it was a simple config thing, we try to help, but with
deeper issues, the community only has limited manpower, so we try to concentrate
it on the current version. Ad
In the rsyslog.conf (and included files) there are parameters to set the
permissions on the log files that are created.
If your distro has set something different from the rsyslog default (or modified
the source to change the default), we aren't going to know about it.
If you look at (or post
Hello Everyone,
I'm wanting to setup a syslog server that combines the three programs listed
above with rsyslog. Has anyone had any success using this? I'm running on a
CentOS 6.5 and finding adequate instructions on how to not only setup all three
PLUS rsyslog has been somewhat of a challenge.
-Original Message-
From: Rainer Gerhards
Reply-To: rsyslog-users
Date: Tuesday, April 8, 2014 at 1:45 AM
To: rsyslog-users
Subject: Re: [rsyslog] elasticsearch RPM for el5
>On Tue, Apr 8, 2014 at 1:53 AM, Mike Hoskins (michoski)
>wrote:
>
>> -Original Message-
>> From: Andre Lor
I can't extract log message because there is sensible informations.
But this is our rsyslog configuration:
We use rsyslog 5.10 (compiled on redhat 5.9 x86_64), with module omrelp,
omoracle, impstats, gnutls
The
rsyslog 5.10 installation on redhat 5.9:
[root@toto libestr-0.1.9]# CC="gcc
${BU
- Original Message -
> From: "Rainer Gerhards"
> To: "rsyslog-users"
> Sent: Tuesday, April 8, 2014 1:45:41 AM
> Subject: Re: [rsyslog] elasticsearch RPM for el5
>
> On Tue, Apr 8, 2014 at 1:53 AM, Mike Hoskins (michoski)
> wrote:
>
> > -Original Message-
> > From: Andre Lorbach
It's ok ... I'll do it manually
Thx a lot
El Fatayri Anwar
> Date: Tue, 8 Apr 2014 13:43:08 +0200
> From: rgerha...@hq.adiscon.com
> To: rsyslog@lists.adiscon.com
> Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions
>
> Which values do you want?
>
> Sent from phone, thus brief.
>
Which values do you want?
Sent from phone, thus brief.
Am 08.04.2014 13:29 schrieb "Anwar El fatayri" :
>
>
> El Fatayri Anwar
> ok ... But how can i do that ?
> Anwar
>
>
>
> > Date: Tue, 8 Apr 2014 12:52:48 +0200
> > From: rgerha...@hq.adiscon.com
> > To: rsyslog@lists.adiscon.com
> > Subject:
El Fatayri Anwar
ok ... But how can i do that ?
Anwar
> Date: Tue, 8 Apr 2014 12:52:48 +0200
> From: rgerha...@hq.adiscon.com
> To: rsyslog@lists.adiscon.com
> Subject: Re: [rsyslog] rsyslog 5.8.10 Log Files permissions
>
> On Tue, Apr 8, 2014 at 12:42 PM, Anwar El fatayri <
> anwar.fata...@
Hi all,
while I think it is nice to have a toc functionality inside the new doc,
the current structure does not look very appealing to me. Probably a core
problem is that we try to squeeze in the existing content and build the toc
out of it.
Wouldn't it make sense to sit back a bit and think about
On Tue, Apr 8, 2014 at 12:42 PM, Anwar El fatayri <
anwar.fata...@hotmail.co.uk> wrote:
> Hey Rainer,
> I want my configuration files to be generic. Creating all Linux standard
> log files manually is not generic (i might have problems when updating the
> system for example).
> Example:
> 1) Insta
Hey Rainer,
I want my configuration files to be generic. Creating all Linux standard log
files manually is not generic (i might have problems when updating the system
for example).
Example:
1) Install linux on a machine (CentOS 6.3 for ex.)
2) delete /var/log/messages
3) restart rsyslogd
Result
On Tue, Apr 8, 2014 at 11:18 AM, Anwar El fatayri <
anwar.fata...@hotmail.co.uk> wrote:
> Hey all,
> I wrote a script that creates a generic rsyslog configuration files in
> rsyslog.d for all my machines. I have one problem with my log files
> permissions. This is the permissions config file that
Hi David,
On 7 April 2014 21:31, David Lang wrote:
> On Mon, 7 Apr 2014, Oliver Bestwalter wrote:
>
> Hi David,
>>
>>
>> On 7 April 2014 19:07, David Lang wrote:
>>
>> write a log with the format RSYSLOG_DebugFormat and you will see the
>>> rawlog that rsyslog received and how it's been pars
Hey all,
I wrote a script that creates a generic rsyslog configuration files in
rsyslog.d for all my machines. I have one problem with my log files
permissions. This is the permissions config file that my script generates
/etc/rsyslog.d/zz-002-permissions.log :
$FileGroup jboss-as-logs
$umask 000