hi, I just happened to be thinking about SNMP support. Cisco seems to have a MIB for syslog->snmp translation. So if anyone volunteers to anything related, I think this should be followed: http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=clogMessageG... On Thu, 2010-12-09 at 11:54 -0800, Matthew Hall wrote:
My advice, Net-SNMP via Perl if Perl is fast enough.
Otherwise next easiest would be Westhawk SNMP via Java.
If that won't work then Net-SNMP via C or SNMP++ via C++ is the fastest there is.
I have a lot of experience writing SNMP network management software so I can try to get you straightened out if you run into trouble.
Matthew.
On Thu, Dec 09, 2010 at 01:05:26PM -0600, Martin Holste wrote:
I think program() is the best bet for you. I haven't had anything like that happen when using program(). What version of syslog-ng are you using? I don't think syslog-ng is sending newlines, but your script may be interpreting "silence" from syslog-ng as nothing and appending a newline or something. If you post a snippet from your script showing how it's reading from syslog-ng, that would help. It would also help to see the config relevant to the program() destination.
On Thu, Dec 9, 2010 at 12:27 PM, Jay <difficult_id@yahoo.com> wrote:
Have a requirement to convert all incoming syslogs to SNMP traps and send it to another host. One option I could think of is to use program () destination.
When I tried this option, I find that syslog-ng is continuously sending newline characters to the specified program. i.e. even when no syslog is received, syslog-ng seems to be pumping newline chars to the specified program.
Also I read the warning message in admin guide that, it will open up the door to DOS attack.
Could someone let me know the best way to achieve this, please ?
-- Bazsi