{"id":127,"date":"2008-08-29T20:09:06","date_gmt":"2008-08-29T18:09:06","guid":{"rendered":"http:\/\/www.netexpertise.eu\/fr\/?p=127"},"modified":"2021-10-11T21:26:06","modified_gmt":"2021-10-11T20:26:06","slug":"centralisation-logs-cacti","status":"publish","type":"post","link":"http:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html","title":{"rendered":"Centralisation des logs avec Cacti"},"content":{"rendered":"<div style=\"float:left; margin-right:15px; margin-top:0px;\">\n<script async=\"\" src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js\"><\/script><br \/>\n<!-- 200x200, Netexpertise --><br \/>\n<ins class=\"adsbygoogle\" style=\"display:inline-block;width:200px;height:200px\" data-ad-client=\"ca-pub-6495750100906580\" data-ad-slot=\"1946825373\"><\/ins><br \/>\n<script><br \/>\n(adsbygoogle = window.adsbygoogle || []).push({});<br \/>\n<\/script><\/div>\n<p>J&rsquo;ai cherch\u00e9 pendant longtemps un bon outil permettant de g\u00e9rer les messages envoy\u00e9s vers un serveur central de logs. <a href=\"http:\/\/www.logwatch.org\">Logwatch<\/a> envoie des rapports par email contenant des tonnes de messages, ou alors trop ax\u00e9s sur certaine applications. Les logs ne sont plus pass\u00e9s en revue en g\u00e9n\u00e9ral puis oubli\u00e9s. J&rsquo;ai ensuite trouv\u00e9 un module <a href=\"http:\/\/www.cacti.net\">Cacti<\/a> qui fait exactement ce que je cherchais, rapidement et facilement.<br \/>\n&nbsp;<\/p>\n<h3>Installation<\/h3>\n<p>Les \u00e9tapes d&rsquo;installation sont clairement d\u00e9crites sur le <a href=\"http:\/\/forums.cacti.net\/viewtopic.php?t=26040\">forum cacti<\/a>.<br \/>\nJe devrais mentionner que le module ne supporte que <a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">syslog-ng<\/a>, et non pas <a href=\"http:\/\/www.syslog.org\">syslog<\/a>.<br \/>\n&nbsp;<\/p>\n<h3>Configuration<\/h3>\n<p>J&rsquo;ai filtr\u00e9 uniquement les messages \u00e0 en ne gardant que les erreurs et les critiques. Il suffit de modifier la configuration de syslog-ng:<\/p>\n<pre>filter f_cacti  { level(error..emerg) and\n                        not (facility(mail)\n                        or facility(authpriv)\n                        or facility(cron)); };\n\nsource net {\n    udp();\n};\n\ndestination d_mysql {\n    pipe(\"\/tmp\/mysql.pipe\"\n    template(\"INSERT INTO syslog_incoming (host, facility, priority, date, time, message) VALUES ( '$HOST', '$\nFACILITY', '$PRIORITY', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$MSG' );\\n\")\n    template-escape(yes)\n     );\n};\n\nlog { source(net); filter(f_cacti); destination(d_mysql); };\nlog { source(s_sys); filter(f_cacti); destination(d_mysql); };\n\n<\/pre>\n<p>&nbsp;<br \/>\nIl est ensuite possible de filtre les logs en utilisant des \u00ab\u00a0patterns\u00a0\u00bb, les trier par serveur, criticit\u00e9 ou date, ou recevoir des alertes, comme montr\u00e9 sur la capture d&rsquo;\u00e9cran:<br \/>\n&nbsp;<br \/>\n<img src=\"\/images\/cacti-syslog.png\" alt=\"Syslog plugin for Cacti\"><br \/>\n&nbsp;<br \/>\nUn seul regret: Il n&rsquo;y a pas d&rsquo;option pour marquer un log comme \u00ab\u00a0En cours de traitement\u00a0\u00bb ou \u00ab\u00a0trait\u00e9\u00a0\u00bb par exemple.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>J&rsquo;ai cherch\u00e9 pendant longtemps un bon outil permettant de g\u00e9rer les messages envoy\u00e9s vers un serveur central de logs. Logwatch envoie des rapports par email contenant des tonnes de messages, ou alors trop ax\u00e9s sur certaine applications. Les logs ne sont plus pass\u00e9s en revue en g\u00e9n\u00e9ral puis oubli\u00e9s. J&rsquo;ai ensuite trouv\u00e9 un module Cacti [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false},"categories":[10],"tags":[135,407,137,61],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.13 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Netexpertise - Centralisation des logs avec Cacti<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Netexpertise - Centralisation des logs avec Cacti\" \/>\n<meta property=\"og:description\" content=\"J&rsquo;ai cherch\u00e9 pendant longtemps un bon outil permettant de g\u00e9rer les messages envoy\u00e9s vers un serveur central de logs. Logwatch envoie des rapports par email contenant des tonnes de messages, ou alors trop ax\u00e9s sur certaine applications. Les logs ne sont plus pass\u00e9s en revue en g\u00e9n\u00e9ral puis oubli\u00e9s. J&rsquo;ai ensuite trouv\u00e9 un module Cacti [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html\" \/>\n<meta property=\"og:site_name\" content=\"Netexpertise\" \/>\n<meta property=\"article:published_time\" content=\"2008-08-29T18:09:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-11T20:26:06+00:00\" \/>\n<meta name=\"author\" content=\"dave\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@netexpertise\" \/>\n<meta name=\"twitter:site\" content=\"@netexpertise\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html\",\"url\":\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html\",\"name\":\"Netexpertise - Centralisation des logs avec Cacti\",\"isPartOf\":{\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/#website\"},\"datePublished\":\"2008-08-29T18:09:06+00:00\",\"dateModified\":\"2021-10-11T20:26:06+00:00\",\"author\":{\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"http:\/\/www.netexpertise.eu\/fr\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Centralisation des logs avec Cacti\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/#website\",\"url\":\"http:\/\/www.netexpertise.eu\/fr\/\",\"name\":\"Netexpertise\",\"description\":\"Syst\u00e8mes \/ R\u00e9seaux \/ DevOps\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.netexpertise.eu\/fr\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632\",\"name\":\"dave\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g\",\"caption\":\"dave\"},\"sameAs\":[\"http:\/\/www.netexpertise.eu\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Netexpertise - Centralisation des logs avec Cacti","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html","og_locale":"fr_FR","og_type":"article","og_title":"Netexpertise - Centralisation des logs avec Cacti","og_description":"J&rsquo;ai cherch\u00e9 pendant longtemps un bon outil permettant de g\u00e9rer les messages envoy\u00e9s vers un serveur central de logs. Logwatch envoie des rapports par email contenant des tonnes de messages, ou alors trop ax\u00e9s sur certaine applications. Les logs ne sont plus pass\u00e9s en revue en g\u00e9n\u00e9ral puis oubli\u00e9s. J&rsquo;ai ensuite trouv\u00e9 un module Cacti [&hellip;]","og_url":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html","og_site_name":"Netexpertise","article_published_time":"2008-08-29T18:09:06+00:00","article_modified_time":"2021-10-11T20:26:06+00:00","author":"dave","twitter_card":"summary_large_image","twitter_creator":"@netexpertise","twitter_site":"@netexpertise","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html","url":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html","name":"Netexpertise - Centralisation des logs avec Cacti","isPartOf":{"@id":"http:\/\/www.netexpertise.eu\/fr\/#website"},"datePublished":"2008-08-29T18:09:06+00:00","dateModified":"2021-10-11T20:26:06+00:00","author":{"@id":"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632"},"breadcrumb":{"@id":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.netexpertise.eu\/fr\/systeme\/linux\/centralisation-logs-cacti.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"http:\/\/www.netexpertise.eu\/fr"},{"@type":"ListItem","position":2,"name":"Centralisation des logs avec Cacti"}]},{"@type":"WebSite","@id":"http:\/\/www.netexpertise.eu\/fr\/#website","url":"http:\/\/www.netexpertise.eu\/fr\/","name":"Netexpertise","description":"Syst\u00e8mes \/ R\u00e9seaux \/ DevOps","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.netexpertise.eu\/fr\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/e398f0307e2b167f6b884c4953be2632","name":"dave","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"http:\/\/www.netexpertise.eu\/fr\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/1129916e1f4955bd632f27f836f64e55?s=96&d=mm&r=g","caption":"dave"},"sameAs":["http:\/\/www.netexpertise.eu"]}]}},"_links":{"self":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts\/127"}],"collection":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/comments?post=127"}],"version-history":[{"count":0,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/posts\/127\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/media?parent=127"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/categories?post=127"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.netexpertise.eu\/fr\/wp-json\/wp\/v2\/tags?post=127"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}