Syslog Parser not working(SOLVED)

Started by kwisatz, April 24, 2013, 01:53:34 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

kwisatz

April 24, 2013, 01:53:34 PM Last Edit: April 24, 2013, 06:39:45 PM by kwisatz
Hi Everybody,

I am trying to use SYSLOG Parser.  In the documentation describes that it's possible to parse incoming messages using built in netxms syslog daemon but i am enable to generate events of this incoming messages to syslog.

for instance i want to grab all messages containing ntpd
Code Select
ntpd[3938]: can't open /var/lib/ntp/ntp.drift

Code Select
<parser>
   <rules>
      <rule>
         <match>*ntpd*</match>
         <event params="1">503</event>
      </rule>
   </rules>
   <macros/>
</parser>

What is wrong with this argument i even try to use .* *, etc.

I am using netxms 1.2.6 compiled with:
Code Select
./configure --with-server --with-mysql --with-agent --prefix=/opt/netxms --enable-unicode

thank you in advanced,
Best Regards


kwisatz

#1
April 24, 2013, 06:40:13 PM
Solved with the good help of trace and debug.
Print
Go Up Pages1
User actions