Unable to change log format for remote server in rsyslog.conf - rsyslog

I started working on rsyslog like yesterday, so I am very new to this. I am facing a problem. In my rsyslog.conf file I set the file format like this:
$ActionFileDefaultTemplate RSYSLOG_FileFormat
This shows logs in the changed format on my own machine, but when I check my remote server machine, logs are getting forwarded but they are in a different format. How do I show remote machine logs in a certain format? Is it even possible to configure that from my client machine?

Related

Apache nifi localhost login problem - cannot see login GUI after using for the first time

Problem:
I'm using Apache NiFi on Ubuntu 18.04 on VirtualBox 6.1. I managed to use Apache NiFi once without any problems. The login page using localhost:8443 works the first time, but after a while, when I start Apache NiFi again (e.g. after a reboot of the machine) and go to localhost:8443 again, I do not get a page to log into NiFi anymore.
All that appears are some symbols and I cannot log into nifi like the first time. Basically I want to be able to log into apache nifi. I'm not sure why the symbols appear instead of the log in page.
Here's what I do:
I start apache nifi-1.16.3 from its installation with its start command:
bin/nifi.sh start
bin/nifi.sh status
Nifi looks to start correctly and the status command shows that nifi is running
I then enter localhost:8443/nifi/login in firefox web browser and I am presented a page that only contains symbols.
What I've tried:
I've downloaded nifi again and started another instance using the fresh download. This does the same i.e. it will show the login page correctly the first time I use it. Then when I try to access the login page after a time via the localhost it will show the symbols instead of the log in page.
I've checked to see whether port 8443 is being used by something else, but it seems free. When nifi is running I check the port, then I shut it down. Once it is shut down, no other service etc. is using port 8443. When trying to access localhost:8443 while nifi is shut down, it shows "Unable to connect" instead of the symbols.
Not sure what else to explore to solve this issue where I can't access the log in GUI through the localhost.
Just add a secure HTTP protocol like this: Local Host

Why when I try to clone a machine with the Node-RED on it I lose all the graphical configuration that I've made (Ubuntu Amazon Server)?

I'm running an Ubuntu Server on an Amazon EC2 Service. And I'm using the Node-RED to create an IOT project on the cloud.
I succeeded configuring one machine in a way that it works for my project. My problem is when I clone this machine (creating an Amazon Machine Image of my original server and launching it as a new machine). I don't know why all the nodes that I've created on the graphical interface with the Node-RED disappear when I clone my Ubuntu Server. On my cloned server I just see a blank page when I access the Node-RED as if I had never created any node on the original server:
I think this is a problem with the Node-RED because I'm also running a Kibana instance on the same server and all Kibana's graphical configurations are preserved with the cloned server.
Does anyone know why this is happening? Is there a specific configuration on the Node-RED that I have to change to allow its graphical interface to be cloned?
Note: I know I could just export everything that I did on the original server to my cloned server using the Node-RED import/export tools... But I'm planning to clone my original server many times, so it'd be better if everything were exactly the same when I clone the machine, without the need for manual work.
Node-RED stores the flow in a file in the ~/.node-red/ directory of the user running that instance; the file name is based on the host name of the machine.
e.g. on a raspberry pi the default flow file is called:
/home/pi/.node-red/flows_raspberrypi.json
So assuming that the host name gets changed when you "clone" the machine, Node-RED will not be able to find a flow file that matches the host name and as such start with an empty flow.
There are a few ways to work around this.
If you start Node-RED manually from the command line, you can specify the flow file as the last argument: node-red flow.json
If you are running Node-RED as a service, then you can edit ~/.node-red/settings.js to include a flowFile key that holds the name of the flow to use.
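
The host-name dependency described in this answer, modelled as an added example (not part of the original answer and not Node-RED's own code). The directory is a temporary one, the host names are constructed, and `resolveFlowFile` and `orphanedFlowFiles` are hypothetical helper names.

```javascript
const fs = require("fs");
const os = require("os");
const path = require("path");

// Default flow file name as described in the answer: flows_<hostname>.json
function defaultFlowFile(hostname) {
  return `flows_${hostname}.json`;
}

// Which flow file would be used: an explicit settings.flowFile wins,
// otherwise the name is derived from the current host name.
function resolveFlowFile(userDir, settings, hostname) {
  const name = settings.flowFile || defaultFlowFile(hostname);
  const full = path.isAbsolute(name) ? name : path.join(userDir, name);
  return { file: full, exists: fs.existsSync(full) };
}

// Flow files in userDir that were written under a different host name.
function orphanedFlowFiles(userDir, hostname) {
  return fs.readdirSync(userDir)
    .filter((f) => /^flows_.+\.json$/.test(f) && f !== defaultFlowFile(hostname))
    .sort();
}

// Constructed scenario: an image taken on host "ip-10-0-0-5" is launched
// as a new machine whose host name is "ip-10-0-0-9".
function demo() {
  const userDir = fs.mkdtempSync(path.join(os.tmpdir(), "node-red-demo-"));
  fs.writeFileSync(path.join(userDir, "flows_ip-10-0-0-5.json"), "[]");

  const original = resolveFlowFile(userDir, {}, "ip-10-0-0-5");
  const cloned = resolveFlowFile(userDir, {}, "ip-10-0-0-9");
  const orphans = orphanedFlowFiles(userDir, "ip-10-0-0-9");

  // Work-around from the answer: keep the flow under a fixed name and
  // point the flowFile key at it, so the host name no longer matters.
  fs.copyFileSync(path.join(userDir, orphans[0]), path.join(userDir, "flows.json"));
  const pinned = resolveFlowFile(userDir, { flowFile: "flows.json" }, "ip-10-0-0-9");

  fs.rmSync(userDir, { recursive: true, force: true });
  return { original: original.exists, cloned: cloned.exists, orphans, pinned: pinned.exists };
}

console.log(demo());
```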

Logstash: Is it possible to take file input from remote host

I want to feed a log file to logstash. But the file is on a remote host. Is there a way to make logstash consume this file? Then, I will forward the events to an elasticsearch instance running on the same machine as logstash.
Conversely, is it possible to run logstash on one machine but send output to elasticsearch running on another machine?

Configure logstash to access remote logs

Please can anyone provide me the configuration of logstash to access the logs that are located on a remote system. I have tried with IP address, but it says that the plugin failed.
You are going to need to set up some sort of shipping method from your remote system to your system, i.e. logstash-forwarder. Here is a good guide for getting that set up.
Logstash-forwarder on your remote system will watch any logs that you specify in the logstash-forwarder configuration, and it will ship those logs to your system that is running Logstash server.

How to configure logstash forwarder in windows for event logs (.evtx files)

I have configured Logstash, Elasticsearch and Kibana on a Linux machine.
I tried to send logs from the Linux machine, it was successfully sent and working fine (Apache logs, system logs, log4j logs). I also tried sending it from a Windows machine. Normal logs are working fine but Windows Event Logs are not working (.evtx files).
Any idea on why it is working from Linux but not Windows?
