Nagios syslog


#1

hi to all!
I need to export nagios alerts to an external syslog server for centralized management and monitoring. I can see nagios messages in “var/log/messages” but i can’t find which syslog facility is used by nagios! can someone help? thanks in advance


#2

Maybe I should explain myself better, sorry for my bad english:
I need to add the following line to syslog.conf:
"x.* @my_remote_syslogserver"
where x is the syslog facility used by nagios for writing in to the /var/log/message log file. can someone tell me what is x?
eg. daemon, syslog, local, local7, kern, etc…?
really thanks in advance for any reply!


#3

I turned on syslog 1 in nagios.cfg and from what I see in the /var/log/messages file, it’s “nagios”.


#4

really thanks, but “nagios.*” doesn’t work for me! any other help?


#5

Paste an entry made to “messages” by nagios please.


#6

nagios: SERVICE ALERT: Services Web;xxxx.verify;OK;SOFT;2;HTTP ok: HTTP/1.1 200 OK - 0.457 second response time


#7

I guess I just don’t know, but it still looks like “nagios.*” would work, but I must be wrong.


#8

so if you put in your syslog the following string:
"nagios.* /var/log/test.log"
does every entry made by nagios is inserted in /var/log/test.log? can you try please?
really thanks


#9

I was right, i don’t know what I’m talking about. i can’t figure out what one it’s using either. i can’t find it in the source either. Some apps, you can specify what facility you want to use during the compile, or just set an option in a .cfg file, like apache httpd.conf


#10

thanks you for your help. I think the question now is: how can i setup a syslog facility in nagios?


#11

It appears to be sending the syslog alert notifications to “user.info”, at least on my system.


#12

yes it is, really thanks, it work now! how did you guess that?


#13

I’m running a syslog-ng loghost and piping the data to a mysql database, so I have priority and facility as separate columns in my tables. A quick search for “nagios and alert” showed me the facility and priority fields.


#14

Did anyone ever figure out what facility.priority to use within syslog.conf to send nagios messages to a remote server? Guess I didn’t see the complete post - oops :slight_smile:


#15

I’m forwarding all syslog events to a remote server but its a bit noisy. I’d like to up the priority of the nagios events to critical. Anybody know how to raise the priority of the events sent to syslog ?