rsyslog with syslog

[rtty88]

I get this Error evey time I follow the artical to install the plugin for syslog

Edit /etc/rsyslog.d/cacti.conf

$ModLoad imudp
$UDPServerRun 514
$ModLoad ommysql

$template cacti_syslog,"INSERT INTO syslog_incoming(facility_id, priority_id, program, logtime, host, message)
values (%syslogfacility%, %syslogpriority%, '%programname%', '%timegenerated:::date-mysql%', '%HOSTNAME%', TRIM('%msg%'))", SQL

. >localhost,my_database,my_user,my_password;cacti_syslog

any solution for that
my version is 1.2.26

[arno-st]

I have this config without error:

# Provides UDP syslog reception
# for parameters see http://www.rsyslog.com/doc/imudp.html
module(load="imudp") # needs to be done just once
input(type="imudp" port="5544")

module(load="ommysql")

$template cacti_syslog,"INSERT INTO syslog_incoming(facility_id, priority_id, program, logtime, host, message) \
  values (%syslogfacility%, %syslogpriority%, '%programname%', '%timegenerated:::date-mysql%', '%HOSTNAME%', TRIM('%m
sg%'))", SQL

# I'm using local6 a facility to filter with other syslog agent, if don't need it just remove the IF statement.
if $syslogfacility-text == 'local6' then {
# you have to adapt the server IP, and server port for your design
        action(type="ommysql" server="127.0.0.1" serverport="6033" db="syslog_test" uid="USERID" pwd="PASSWORD"
 Template="cacti_syslog" )
        *.* stop
}

I also have some trouble with the old fashion way to write the rule into syslog config file.

[rtty88]

if needed it here is a complete install cacti syslog ova file _ just remove () drive.google(.)com/file/d/12zf5zJkYj78ruEmfUlIIaSQx0XJXjoj8/view?usp=sharing

[TheWitness]

So, this is resolved then?

[rtty88]

so far yes but am still not able to see the source Hostname in syslog logs , it showing only the IP address

[bmfmancini]

@rtty88 some devices only report into syslog with IP address and not the hostname
if the Device only reports with the IP and there is no DNS record you will only see the IP in syslog