1
answer

Hello,

I am having an issue with the Program name not population with anything on our syslog server.  The service name is just blank.  Below is my config file.  Am I missing something?

 

## Please set the ROOT to your nxlog installation directory
 
#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog
 
Moduledir %ROOT%\modules
CacheDir  %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir  %ROOT%\data
LogFile %ROOT%\data\nxlog.log

 
<Extension syslog>
  Module xm_syslog  
</Extension>
 
# Monitor application log files
#<Input watchfile>
#  Module im_file
#  # File 'C:\\path\\to\\*.log'
#  Exec $Message = $raw_event;
# Exec if file_name() =~ /.*\\(.*)/ $SourceName = $1;
# SavePos TRUE  
#  Recursive TRUE
#</Input>
 
# Monitor Windows event logs
#<Input eventlog>
  # Uncomment for Windows Vista/2008 or later 
#  Module im_msvistalog
  
  # Uncomment for Windows 2000 or later
  # Module im_mseventlog
#</Input>
 
#<Processor eventlog_transformer>
#  Module pm_transformer
#  Exec $Hostname = hostname();
#  OutputFormat syslog_rfc5424  
#</Processor>
 
<Output syslogout_centreon>
  Module om_udp
  Host 10.10.103.112
  Port 514
</Output>

# Monitor CME FlatFile
<Input watchfile_test>
  Module im_file
  File 'C:\\logs\\test.txt'
  Exec $Message = $raw_event;
  Exec $SyslogSeverityValue = 6;
  Exec if $raw_event =~ /INFO/ drop(); 
  Exec if file_name() =~ /.*\\(.*)/ $SourceName = $1; 
  Exec if $raw_event =~ /WARNING/ $SyslogSeverityValue = 4; 
  Exec if $raw_event =~ /ERROR/ $SyslogSeverityValue = 3; 
  Exec if $raw_event =~ /CRITICAL/ $SyslogSeverityValue = 2;
  Exec if $raw_event =~ /ALERT/ $SyslogSeverityValue = 1; 
  SavePos TRUE  
  Recursive TRUE
  PollInterval 10
</Input>

<Processor filewatcher_transformer_test>
  Module pm_transformer
  
   #Uncomment to override the program name
   Exec $SourceName = 'test';
    
  Exec $Hostname = hostname();
  OutputFormat syslog_rfc5424
</Processor>

# Path to send Syslog message for test Flat File Generator
<Route cme_flat_file_generator>
  Path watchfile_test => filewatcher_transformer_test => syslogout_centreon
</Route>

 

 

 

 

 

 

 

AskedJune 25, 2015 - 3:17pm

Answer (1)

I don't see $Servicename anywhere in the config file. Perhaps you meant $SourceName?

AnsweredJune 25, 2015 - 3:37pm