Hey Skunks
  As usual I have to report back. Now Rsyslog has its issues, but I abandoned it due to some limitations here and there, but I think it works. Anyway, here is my solution below.

I installed syslog-ng and made sure that it was listening on port 514, then on my Windows servers I installed nxlog and Snare (Snare will now be the official agent for me). What made it all work, believe it or not, is an update on Observium, after which the logs finally came in, so the most important thing to check is the version; they changed the way Observium reads logs from the loggers.

All in all, I think I am 10% Linux compliant :D ... and no use stopping here. Thanks to all.


On Thu, Sep 5, 2013 at 3:35 PM, geoffrey gitagia <ggitagia@gmail.com> wrote:
Sorry
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/789174

http://www.rsyslog.com/ubuntu-repository/


On Thu, Sep 5, 2013 at 3:35 PM, geoffrey gitagia <ggitagia@gmail.com> wrote:
Thanks guys, let me check, but I ran into this



On Thu, Sep 5, 2013 at 1:46 PM, Alex Nyalita <nyalita@gmail.com> wrote:
You could share whatever works. Tried Windows a while back but was too lazy to troubleshoot after it failed.


----

Kind Regards,

Alex Nyalita



On Thu, Sep 5, 2013 at 1:14 PM, Odhiambo Washington <odhiambo@gmail.com> wrote:
Hi GG,

Disclaimer: I have not tried any of this, though I like the idea.

As suggestions, I have seen these applications:
http://sourceforge.net/projects/el2sl/
http://www.saeedpazoki.com/how-to-send-windows-events-to-syslog-server/
http://code.google.com/p/eventlog-to-syslog/

These tutorials:

http://troy.jdmz.net/syslogwin/
http://help.papertrailapp.com/kb/configuration/configuring-remote-syslog-from-windows
http://www.rsyslog.com/forward-windows-eventlogs-with-rsyslog-windows-agent/

- which I am sure you are already familiar with...


 - and think that with Wireshark (on the Windows PCs) and tcpdump (on the Linux), you should be able to see what is going on.



On 5 September 2013 09:47, geoffrey gitagia <ggitagia@gmail.com> wrote:
Hi All
    Once again my adventures in open source have led me back here, so here is my issue.

I have set up Observium (on Ubuntu) to monitor my servers, which it is doing a heck of a job at. I have everything running (80%), but now I want to be getting event logs. I set up rsyslog and it's up and running, listening on port 154 on UDP (still trying to get TCP), but my main issue is that I can't get any of the Windows event log to syslog converters working. I am on nxlog and Snare (not sure if they are checking UDP, but my configs are set to UDP), so my question is: how do I check where the problem is and, if possible, how to fix it?

--
GG


_______________________________________________
skunkworks mailing list
skunkworks@lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------

Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke



--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254733744121/+254722743223
"I can't hear you -- I'm using the scrambler."

--
GG