Trigger - Integration RSyslog
Integrate with RSyslog
Prerequisites
Define the Syslog event to monitor
Where {FACILITY} and {SEVERITY} give a first filter on the Syslog events you want to trigger.
{PATH_TO_YOUR_SCRIPT} indicates the path to the given script that will launch the $U trigger.
If you want to trigger several Syslog events, you can add other lines of that kind. You could have for example, something like:
NB: You can only filter the Syslog events by their facility and their severity here. If you want more advanced filters, this should be done on $U side.
NB: For performance considerations, you should avoid having a line like that:
Define which $U node to target
NB: You must inform either the authentication key or your credentials.
NB: If you inform both the authentication key and your credentials, only the authentication will be taken into account.
Event properties
The given script transmit, by default, the following event properties:
Customize the transmitted event properties
If you want to add or remove some event properties, you should modify the t_orsyp_trigger template or add a new one.
The template have to be like this: "%property1%|%property2%|...|%propertyN%"
With '|' separating each considered property.
Please refer to this page for the list of the available properties: http://www.rsyslog.c...y_replacer.html.
Then, you also need modify the given script accordingly.
Just search for the following comment to find the places where you have to modify the script:
Output
Basically, the output of the script will be something like:
Then the output gives you basic trigger related operations:
It will give you the launch number of the launched jobs, or the code and error message if a launch has failed.
NB: By default this is logged into a .log file with the same name as your script. You can transform it to a console output by modifying the log_to_file attribute value to "0".
- Unix with Rsyslog server for system logging.
- cURL (cf. http://curl.haxx.se/)
Define the Syslog event to monitor
- Go to directory containing your "rsyslog.conf" file (this should be /etc).
- Edit "rsyslog.conf" file.
- Go at the end of the file.
- Add the following line, that defines a template output:
$template t_orsyp_trigger,"%programname%|%hostname%|%syslogfacility%|%syslogseverity%|%timereported%|%msg%"
- Add the following line, that defines which kind of events you want to monitor:
{FACILITY}.{SEVERITY} ^{PATH_TO_YOUR_SCRIPT};t_orsyp_trigger
Where {FACILITY} and {SEVERITY} give a first filter on the Syslog events you want to trigger.
{PATH_TO_YOUR_SCRIPT} indicates the path to the given script that will launch the $U trigger.
If you want to trigger several Syslog events, you can add other lines of that kind. You could have for example, something like:
kern.* ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger
auth.* ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger
*.crit ^/var/opt/ORSYP/DUAS/rsyslog_event_trigger.sh;t_orsyp_trigger
NB: You can only filter the Syslog events by their facility and their severity here. If you want more advanced filters, this should be done on $U side.
NB: For performance considerations, you should avoid having a line like that:
*.* ^{PATH_TO_YOUR_SCRIPT};t_orsyp_trigger
Define which $U node to target
- Inform the attributes giving the definition of the target $U node:
- host: The hostname of the $U node.
- port: The port number of the $U api.
- area: The target area.
- Inform the attributes giving the way you are going to authenticate yourself to $U node:
NB: You must inform either the authentication key or your credentials.
NB: If you inform both the authentication key and your credentials, only the authentication will be taken into account.
- authentication_key: The authentication key you got via UVC. OR
- user / password: Your credentials.
- [optional] You can modify the event type that will be raised on $U. By default this event type is: "SYSLOG_EVENT".
- Save and close the script.
- Ensure that the script is executable by the rsyslog server.
Event properties
The given script transmit, by default, the following event properties:
- PROGRAM: The name of the program that raised the Syslog event.
- HOST: The host of this program.
- FACILITY: The Syslog facility level numeric value (cf. http://en.wikipedia....Facility_levels).
- SEVERITY: The Syslog severity level numeric value (cf. http://en.wikipedia....Severity_levels).
- DATE: The date/time when the Syslog event has been raised.
- MESSAGE: The message of the Syslog event.
Customize the transmitted event properties
If you want to add or remove some event properties, you should modify the t_orsyp_trigger template or add a new one.
The template have to be like this: "%property1%|%property2%|...|%propertyN%"
With '|' separating each considered property.
Please refer to this page for the list of the available properties: http://www.rsyslog.c...y_replacer.html.
Then, you also need modify the given script accordingly.
Just search for the following comment to find the places where you have to modify the script:
# You should modify these lines if you modify
the list of considered event properties
Output
Basically, the output of the script will be something like:
Script launched at {DATE}
Login on {HOST}:{PORT} --> Success
Send event TEST --> Incomplete
=> Trigger: TEST1 --> Launch number: XXXXXXX
=> Trigger: TEST2 --> Error 1023: Only provoked tasks can be triggered.
Logout --> Success
Then the output gives you basic trigger related operations:
- Login (if no authentication key given)
- Event type launch
- Logout (if no authentication key given)
It will give you the launch number of the launched jobs, or the code and error message if a launch has failed.
NB: By default this is logged into a .log file with the same name as your script. You can transform it to a console output by modifying the log_to_file attribute value to "0".
No content available.
No content available.
Please log in using your Broadcom account to download this plugin.
Please log in using your Broadcom account to download this plugin.
Products | Workload Automation, Dollar Universe Workload Automation |
Operating Systems | Linux |
Last update | 2015-05-12 00:46:27.0 |
Supported by | |
Community Source | trigger-integration-rsyslog |
Broadcom does not support, maintain or warrant Solutions, Templates, Actions and any other content published on the Community
and is subject to Broadcom Community Terms and Conditions.
|