[syslog-ng]Monitoring connection
Gregor Binder
gb@rootnexus.net
Tue, 2 Oct 2001 12:10:49 +0200
Roman Ernst on Tue, Oct 02, 2001 at 11:14:49AM +0200:
Roman,
> Is it possible to configure an SYSLOG-COLLECTION-SERVER to give any kind of
> alert whenever the connection between this server and any syslog-client is
> dropped?
[..]
> Or... does anybody have an idea how to solve this problem another way?
ideally, you would tackle this problem by integrating syslog-ng monito-
ring into whatever you use to monitor other software. If your company
runs some sort of monitoring software (would be Tivoli in your case I
guess :)), you could either use log parsing mechanisms (IIRC, syslog-ng
will tell you that it lost connection), or parse the output of netstat
(-anf inet, or whatever parameters AIX netstat takes) to verify that the
connections you would expect to be there are actually established.
If you do not have access to monitoring software, you could also use
some sort of program() destination with some match() sort of filter, and
use some sort of script that will do the alarming you desire.
Obviously, the monitoring software solution always tends to be more
bloated, but if it's already in use, use it, since it will provide ways
to avoid redundant alerting and similar problems that will arise other-
wise.
Greetings,
--
____ ____
/ _/| - > Gregor Binder <gb@(rootnexus.net|sysfive.com)>
| / || _\ \
\__ Id: 0xE2F31C4B Fp: 8B8A 5CE3 B79B FBF1 5518 8871 0EFB AFA3 E2F3 1C4B