
  • Syslog collection by satellite agent

    Posted by Anonymous on July 14, 2009 at 12:01

    Hi,

    I may appear to be lazy here but could someone let me know if the following is possible now, possible in a future release, or possible by paying someone to develop easily:

    I’d like to deploy satellite agents to a variety of sites that belong to clients of mine. Each site would have an agent installed on what would 95% of the time be a Windows computer. The satellites would then ideally open a socket on UDP514 and accept syslog data. Using some form of control on the agent, either all or certain syslog messages would then be forwarded to the central PandoraFMS server where they could trigger alerts. Hopefully the syslog stream would be gzip compressed in a buffer and sent using the same Tentacle connection as everything else. What would be even more amazing is if we could extract information out of the syslog data as well but I fear that I’m pushing my luck slightly on that feature. Alternatively, the syslog data is relayed to the central server where it can be streamed into an alternative log analysis program (e.g. Splunk).

    If a syslog message contained a variety of attribute-value pairs such as ‘id=admin,policy=25,interface=eth0’ etc I would love to be able to use this information in the same way as information gathered via SNMP.

    I have downloaded the 2.11 debs and am starting to get to grips with PandoraFMS but if someone could let me know about the above I would be very grateful.

    I saw a similar post about syslog in Spanish but I’m not very good at understanding it and Google translate didn’t work very well on it.

    manu replied 15 years, 7 months ago 2 Members · 2 Replies
  • 2 Replies
  • villa

    Member
    July 16, 2009 at 06:59

    Hi,

    Do you need to collect all syslog, or do you want to find a word? Pandora is not like Splunk, but in the Windows and Linux agents it is possible to find words in syslog with logical operators and send the results to Pandora.

    If you want to contact the company that develops Pandora, you can do it at http://www.artica.es.

    Regards.

  • manu

    Member
    July 18, 2009 at 03:28

    Hi Adrian4

    You can, indeed, set up satellite agents in your clients and send all the information from them to your location.
    As villa said, both Linux and Windows agents are able to read from syslog in the Linux scenario and from the Event Log in Windows.
    Keep in mind the satellite agents will send the information (an XML file with all the checks’ results, including the syslog or Event Log in it) via Tentacle every X interval.
    You can define text alerts based on the data gathered from the logs.

    Hope this helps
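
The attribute-value extraction asked about in the first post, combined with severity and field filtering before forwarding, sketched as an added example that is not part of any post in this thread and is not Pandora FMS code. The BSD syslog (RFC 3164) line layout, the sample messages and the function names `parse` and `select` are assumptions.

```python
import re

# Constructed sample messages in BSD syslog (RFC 3164) form; not from the thread.
SAMPLES = [
    "<134>Jul 14 12:01:07 fw01 policyd: id=admin,policy=25,interface=eth0",
    "<36>Jul 14 12:01:09 fw01 sshd[411]: Failed password for root from 192.0.2.7",
    "garbage without a priority header",
]

HEADER = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[(?P<pid>\d+)\])?: ?(?P<msg>.*)$"
)
PAIR = re.compile(r'(?P<k>[A-Za-z_][\w.-]*)=(?P<v>"[^"]*"|[^,\s]*)')


def parse(line):
    """Return a dict for a well-formed line, or None for anything else.

    Syslog over UDP is unauthenticated, so malformed input is dropped
    rather than guessed at.
    """
    m = HEADER.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # highest valid PRI is facility 23 * 8 + severity 7
        return None
    rec = m.groupdict()
    rec["facility"], rec["severity"] = divmod(pri, 8)
    rec["fields"] = {p.group("k"): p.group("v").strip('"')
                     for p in PAIR.finditer(rec["msg"])}
    return rec


def select(lines, max_severity=6, require_field=None):
    """Keep records whose severity number is <= max_severity (0 is most severe)."""
    out = []
    for line in lines:
        rec = parse(line)
        if rec is None or rec["severity"] > max_severity:
            continue
        if require_field and require_field not in rec["fields"]:
            continue
        out.append(rec)
    return out
```
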