SysLog Forwarding for XenServer

BRRABill

@stacksofplates said in SysLog Forwarding for XenServer:

@BRRABill said in SysLog Forwarding for XenServer:

@DustinB3403 said in SysLog Forwarding for XenServer:

@BRRABill said in SysLog Forwarding for XenServer:

@DustinB3403 said in SysLog Forwarding for XenServer:

For anyone curious how to stop any local logging just modify

/var/lib/syslog.conf

Comment out everything that hits a local path, leaving the @<ip_addr> as the only option.

Reboot and see if it sticks.

It did not for me.

Will test tomorrow.

That was my issue. On reboot it would wipe out the changes I made.

In a pinch you can do chattr +i on the rsyslog.conf file to make it immutable.

Yeah on the bottom of that article everyone talks about it basically says to change the permission to make it unwritable.

But they call that a QUOTE dirty, dirty tirck UNQUOTE.

BRRABill

@BRRABill said in SysLog Forwarding for XenServer:

@momurda said in SysLog Forwarding for XenServer:

I donwloaded the Graylog OVA this morning to test it out and put it on my XS pool.

I cannot get it to import onto my XS.

Did you just import it in with no issues?

I tried on my other XS and it worked fine.

Must have been a memory issue on my test one.

BRRABill

@momurda said in SysLog Forwarding for XenServer:

I think it is important to note that the graylog ova is preconfigured to 'just work' according to their site, and it seems to do just that. I will try adding some of my windows vm to this and see what happens later today or tomorrow.

Once I had it imported onto my XS, I had it logging in seconds.

Pretty sweet.

If only I was using open source and virtualization years ago!!!!!!

momurda

@BRRABill
Yes, no issues. Didn't even use the fixup disc option. Took a few minutes to start up but it worked right away

BRRABill

@momurda said in SysLog Forwarding for XenServer:

@BRRABill
Yes, no issues. Didn't even use the fixup disc option. Took a few minutes to start up but it worked right away

Yep, pretty sweet indeed.

When I get some time I'm going to forward all my Windows event logs there.

scottalanmiller

@BRRABill said in SysLog Forwarding for XenServer:

@momurda said in SysLog Forwarding for XenServer:

@BRRABill
Yes, no issues. Didn't even use the fixup disc option. Took a few minutes to start up but it worked right away

Yep, pretty sweet indeed.

When I get some time I'm going to forward all my Windows event logs there.

You've got GrayLog2 working now?

BRRABill

@scottalanmiller said in SysLog Forwarding for XenServer:

@BRRABill said in SysLog Forwarding for XenServer:

@momurda said in SysLog Forwarding for XenServer:

@BRRABill
Yes, no issues. Didn't even use the fixup disc option. Took a few minutes to start up but it worked right away

Yep, pretty sweet indeed.

When I get some time I'm going to forward all my Windows event logs there.

You've got GrayLog2 working now?

Yeah it was super simple.

BRRABill

I am the new King of Open Source.

dafyre

@BRRABill said in SysLog Forwarding for XenServer:

I am the new King of Open Source.

H aha ha. How's that?

BRRABill

@dafyre said in SysLog Forwarding for XenServer:

@BRRABill said in SysLog Forwarding for XenServer:

I am the new King of Open Source.

H aha ha. How's that?

It's my answer to anything.

Need a new logging server? Open Source!

Need a new XXXXXX? Open Source!