Hey!
You can use statistical counters to help see this.
Check out the Detecting a Dead Agent or Log Source chapter in the manual.
Basically it is this config:
<Input in>
Module im_tcp
Port 2345
<Exec>
create_stat("msgrate", "RATE", 3600);
add_stat("msgrate", 1);
</Exec>
<Schedule>
Every 3600 sec
<Exec>
create_stat("msgrate", "RATE", 10);
add_stat("msgrate", 0);
if defined get_stat("msgrate") and get_stat("msgrate") <= 1
log_error("No messages received from the source!");
</Exec>
</Schedule>
</Input>
Comments (6)
Hi Zhengshi!
This is great but we're trying to find out if NXLog itself or the server it resides on is down.
What most of our applications do is send in a periodic REST request into an API at a fifteen minute interval to check in with various agent details.
We were hoping we could leverage NXLog to send this same kind of heartbeat and then after a certain interval it would be flagged.
I've been simulating this by sending data from script to an http output module that then forwards the request but it looks like this is creating excess logging.
It looks like your above method you're using NXLog to listen to other sources, however we're hoping monitor NXLog itself and to continue using our API gateway to receive agent polling.
Does that make sense?
Suggestions?
Thanks buddy!
Hi Zhengshi!
This is great but we're trying to find out if NXLog itself or the server it resides on is down.
What most of our applications do is send in a periodic REST request into an API at a fifteen minute interval to check in with various agent details.
We were hoping we could leverage NXLog to send this same kind of heartbeat and then after a certain interval it would be flagged.
I've been simulating this by sending data from script to an http output module that then forwards the request but it looks like this is creating excess logging.
It looks like your above method you're using NXLog to listen to other sources, however we're hoping monitor NXLog itself and to continue using our API gateway to receive agent polling.
Does that make sense?
Suggestions?
Thanks buddy!
Hello.
Looks like modules
im_mark
andom_http
can help you. First one is create a message in chosen interval and the other are simply sending stuff to selected address. So in your case it will looks like this:More info about modules are here:
https://nxlog.co/documentation/nxlog-user-guide/im_mark.html
https://nxlog.co/documentation/nxlog-user-guide/om_http.html
Let us now is this solves your problem.
Best regards, Arch
Ok great!
If I wanted to include server a specific attribute that would be generated from script, can I dynamically add that to the
Mark
property?Is it possible to execute the script and then set it as a global constant that I can use in the
Mark
property?Thanks for the great feedback!
Hi,
This way NXLog will parse any incoming message - right now they comes only from im_mark - and invoke perl function. This function add environmental variable to $raw_message as $Message field and you can do anything with it now.
Config:
and Perl file for example:
Other way is to use directives like
envvar
, which allows you to include Enviromental Variables directly into nxlog.conf along withinclude_stdout
which could execute some external script and get it's STDOUT in the nxlog.conf. This one is much easier but works only in Enterprise Edition. :)Hope it helps.
Best regards, Arch
Great!
Thanks!
I will update this post with my findings.
Thanks again!