Trigger - Integration RSyslog

Integrate with RSyslog


Prerequisites

Define the Syslog event to monitor

  • Go to directory containing your "rsyslog.conf" file (this should be /etc).

  • Edit "rsyslog.conf" file.

  • Go at the end of the file.

  • Add the following line, that defines a template output:


$template t_orsyp_trigger,"%programname%|%hostname%|%syslogfacility%|%syslogseverity%|%timereported%|%msg%"


  • Add the following line, that defines which kind of events you want to monitor:


{FACILITY}.{SEVERITY} ^{PATH_TO_YOUR_SCRIPT};t_orsyp_trigger


Where {FACILITY} and {SEVERITY} give a first filter on the Syslog events you want to trigger.
{PATH_TO_YOUR_SCRIPT} indicates the path to the given script that will launch the $U trigger.
If you want to trigger several Syslog events, you can add other lines of that kind. You could have for example, something like:


kern.* ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger



auth.* ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger



*.crit ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger


NB: You can only filter the Syslog events by their facility and their severity here. If you want more advanced filters, this should be done on $U side.
NB: For performance considerations, you should avoid having a line like that:



*.* ^{PATH_TO_YOUR_SCRIPT};t_orsyp_trigger



Define which $U node to target

  • Inform the attributes giving the definition of the target $U node:


    • host: The hostname of the $U node.

    • port: The port number of the $U api.

    • area: The target area.



  • Inform the attributes giving the way you are going to authenticate yourself to $U node:


NB: You must inform either the authentication key or your credentials.
NB: If you inform both the authentication key and your credentials, only the authentication will be taken into account.

  • authentication_key: The authentication key you got via UVC. OR

  • user / password: Your credentials.

  • [optional] You can modify the event type that will be raised on $U. By default this event type is: "SYSLOG_EVENT".

  • Save and close the script.

  • Ensure that the script is executable by the rsyslog server.


Event properties
The given script transmit, by default, the following event properties:

  • PROGRAM: The name of the program that raised the Syslog event.

  • HOST: The host of this program.

  • FACILITY: The Syslog facility level numeric value (cf. http://en.wikipedia....Facility_levels).

  • SEVERITY: The Syslog severity level numeric value (cf. http://en.wikipedia....Severity_levels).

  • DATE: The date/time when the Syslog event has been raised.

  • MESSAGE: The message of the Syslog event.


Customize the transmitted event properties
If you want to add or remove some event properties, you should modify the t_orsyp_trigger template or add a new one.
The template have to be like this: "%property1%|%property2%|...|%propertyN%"
With '|' separating each considered property.
Please refer to this page for the list of the available properties: http://www.rsyslog.c...y_replacer.html.
Then, you also need modify the given script accordingly.
Just search for the following comment to find the places where you have to modify the script:


# You should modify these lines if you modify
                                                                           the list of considered event properties



Output
Basically, the output of the script will be something like:

Script launched at
                                                                           {DATE}
Login on {HOST}:{PORT} --> Success
Send event TEST --> Incomplete
=> Trigger: TEST1 --> Launch number: XXXXXXX
=> Trigger: TEST2 --> Error 1023: Only provoked tasks can be triggered.
Logout --> Success


Then the output gives you basic trigger related operations:

  • Login (if no authentication key given)

  • Event type launch

  • Logout (if no authentication key given)


It will give you the launch number of the launched jobs, or the code and error message if a launch has failed.
NB: By default this is logged into a .log file with the same name as your script. You can transform it to a console output by modifying the log_to_file attribute value to "0".
No content available.
No content available.
No content available.
Please log in using your Broadcom account to download this plugin.
Please log in using your Broadcom account to download this plugin.
Products Workload Automation, Automic Automation
Versions 6.x
Operating Systems Linux
Last update 2015-05-12 00:46:27.0
Supported by
Community Source trigger-integration-rsyslog

Broadcom does not support, maintain or warrant Solutions, Templates, Actions and any other content published on the Community and is subject to Broadcom Community Terms and Conditions.