Last active
August 29, 2015 14:07
-
-
Save VerosK/d4cbbedf56111bcd3c0f to your computer and use it in GitHub Desktop.
Forward local file to remote syslog
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #[root /etc/rsyslog.d]# cat 12-nagios.conf | |
| $ModLoad imfile | |
| $InputFilename /var/log/nagios/nagios.log | |
| $InputFileStateFile .nagios.rsyslog | |
| # Don't forget semicolon on next line! | |
| $InputFileTag nagios.log: | |
| $InputFileFacility local6 | |
| $InputFileSeverity info | |
| $InputRunFileMonitor | |
| #[root /etc/rsyslog.d]# cat 99-forward-to-logstash.conf | |
| # | |
| # TCP Logging to local logstash with queue | |
| # | |
| $WorkDirectory /var/lib/rsyslog # where to place spool files | |
| $ActionQueueFileName to-logstash # unique name prefix for spool files | |
| $ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible) | |
| $ActionQueueSaveOnShutdown on # save messages to disk on shutdown | |
| $ActionQueueType LinkedList # run asynchronously | |
| $ActionResumeRetryCount -1 # infinite retries if host is down | |
| *.* @@192.168.16.228:5544 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
beware: This is config from Centos 5.5 with really old rsyslog.