Search the Community

Showing results for tags 'syslog'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • LogicModule Exchange
    • LM Exchange
    • LM Staff Contributions
  • Product Announcements
    • LogicMonitor Notices
  • LogicMonitor Product Q&A
    • Feature Requests
    • Ask the Community
    • From the Front

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


About Me

Found 7 results

  1. Hey there, is there any chance to have syslog on collector using also a TCP port? Thanks, petr
  2. Please add option to remap syslog severities to the LM severity values. At present syslog error level is red in LM and in many cases these are not critical errors from a service point of view, so we would like to remap them down to amber.
  3. One thing everybody is looking for is convergence, a single tool that does everything for observability. Monitoring, metrics, log analysis - LM does a good job on the first two, but I still need a separate tool to get useful metrics and trends out of my application logs. LM should look into adding ELK-as-a-Service to the LM feature stack (provide customers with an API endpoint they can feed logs to or something), and then customers could have service-level monitoring (URL response times, etc.), plus the traditional LM suite of monitors/metrics, plus LM Cloud, *plus* the most useful info of all: data mined from application logs. That's generally where the really good insights come from (and most of what's unique to each customer's business/offering). ELK is well-known, open source, and fairly mature. Relatively easy to scale as well; should be easy for LM engineering to put together for a proof of concept anyway. Meanwhile, I'm looking at things like Papertrail, Librato and Logz.io for my application logs - but I'd really like to have One Tool to Rule Them All.
  4. Our team has verified that secure syslog forwarding (via TLS) is not supported currently and would like to submit a feature request to LogicMonitor DEV team to asses whether secure syslog forwarding can be implemented. An example will be syslog-ng forwarding secure (i.e. encrypted) syslog messages to LogicMonitor collector. https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/concepts-tls.html This will enable centralized logging server to forward secure syslog messages to LogicMonitor collector then. Thanks & Best Regards, Horace
  5. Syslog Issues: #1. The person who asked to have SYSLOG present a "cleared" message.....CLEARLY does not understand that a SYSLOG is NOT A tracked condition like an OID value is....it is a SINGLE SPOT in time....and event that "happened" and does NOT "clear" as you can't change the past. #2. The programmers HONORING that (deeply flawed) request frustrates me to no end.....team, I get the mantra "the customer is always right" .....except when they're wrong it is in EVERYONE's best interest if you retrain the un-skilled users in what a baseline understanding should be. I have no tolerance for bad design making it into development when people should know better. #3. You should have provided those of us who know better, a way to OPT OUT of these bad design decisions.
  6. Syslog issues: 1. Being bound to only the two RFC for syslog is near sighted: syslog / timestamp / formatting should be more flexible. 2. the biggest concern I have is that Syslog should reflect the time stamp of the COLLECTOR'S NIC at the time the syslog packet ARRIVES at the collector....not the syslog / timestamp of the system sending the message : this is especially important with systems where clock settings or NTP are currently failing......alerting is based on the time stamp : if the time stamp says Jan 1st 2001 12:01am becasue the CMOS battery on the unit failed......than we NEVER see those syslog messages due to alerting range.
  7. LogicMonitor Ticket request (50445) Currently the platform only supports syslog alerting for messages equal to and above Warning Level. Syslog messages below Warning are ignored. (Notice, Informational, Debug) We would like to have Notice and potentially even Informational syslog message alerts available on the LogicMonitor platform. Whats the reason for the feature request ? Many network devices have important syslog messages classified as Notice by default. Here are just some examples I have found personally on our Juniper devices. VCCPD_PROTOCOL_ADJDOWN OSPF NEI DOWN SSHD_LOGIN_FAILED LOGIN_FAILED LACPD_TIMEOUT This is just one Platform. Juniper does allow you to reclassify syslog messages to any severity level you want but its not a scalable solution. Also some platforms don't allow you to change classification at all (Palo Alto)