i have tried above step but still not getting syslogd for each nodes. guide me to troubleshoot so i can get syslogd logs in opennms application.
@nitin The current default is
org.opennms.netmgt.syslogd.RadixTreeSyslogParser and you shouldn’t have to change it.
In fact, you shouldn’t have to change anything in the
syslogd-configuration.xml at all; just enable the service in
service-configuration.xml and restart OpenNMS.
Uhhh… you wouldn’t? That isn’t a function that OpenNMS’s syslogd integration provides. Whatever gave you the idea that it did?
What port are you sending the syslog messages to, and is OpenNMS configured to receive on that port with the firewall open?
@mmahacek firewall is disable. in syslogd.configuration file port is 10514
root@tbxms1:/etc/opennms# netstat -tupln | grep syslog
tcp 0 0 0.0.0.0:10514 0.0.0.0:* LISTEN 7352/rsyslogd
tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 7352/rsyslogd
tcp6 0 0 :::10514 :::* LISTEN 7352/rsyslogd
tcp6 0 0 :::514 :::* LISTEN 7352/rsyslogd
udp 0 0 0.0.0.0:10514 0.0.0.0:* 7352/rsyslogd
udp 0 0 0.0.0.0:514 0.0.0.0:* 7352/rsyslogd
udp6 0 0 :::10514 :::* 7352/rsyslogd
udp6 0 0 :::514 :::* 7352/rsyslogd
And you have provisioned nodes into OpenNMS that match the IP address(es) sending the syslog messages?
@dino2gnt may i know the actual process what i have to do for get separate node logs.
The syslogd service converts logs to OpenNmS events and writes them to the server’s database, not the .log files.
@mmahacek how to get separate node logs?
yeah they are same segments.
That’s not what I asked. Does opennms have a node it is monitoring that matches the IP address that is sending it syslog messages?
yes ip address is matching with syslog .
Depends on what you actually mean when you say “separate node logs”.
Do you want logs from each node to be separate files on your OpenNMS server, or do you want logs from OpenNMS separated into a file per node?
That’s what the syslogd integration in OpenNMS does, convert syslog messages into events.
That’s your problem, then. You have the system
rsyslogd listening on port 10514, which is the port OpenNMS (by default) will try to use. Either change the port to something else in
syslogd-configuration.xml or reconfigure rsyslog to not bind to that port.
@dino2gnt in attached article
That’s for syslog-ng to send to OpenNMS, not for OpenNMS to receive syslog.
whether this proper?