Last active
August 6, 2025 15:27
-
-
Save indigo423/4cf820680a4c0a9b96310fb4ce08a76a to your computer and use it in GitHub Desktop.
Include the hpe.demo.parser.xml in the /opt/opennms/etc/syslogd-configuration.xml see line 49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0"?> | |
| <syslogd-configuration> | |
| <!-- | |
| optional attribute "timezone": | |
| - if set it will be used as default timezone if no timezone is given | |
| - if not set the system time zone will be used | |
| --> | |
| <configuration | |
| syslog-port="10514" | |
| new-suspect-on-message="false" | |
| parser="org.opennms.netmgt.syslogd.RadixTreeSyslogParser" | |
| forwarding-regexp="^.*\s(19|20)\d\d([-/.])(0[1-9]|1[012])\2(0[1-9]|[12][0-9]|3[01])(\s+)(\S+)(\s)(\S.+)" | |
| matching-group-host="6" | |
| matching-group-message="8" | |
| discard-uei="DISCARD-MATCHING-MESSAGES" | |
| timezone="" | |
| /> | |
| <!-- | |
| NOTE: This uses the CustomSyslogParser and forwarding-regexp for backwards compatibility. If your | |
| syslog sources will always use a particular format, it's better to use one of the more specific parsers | |
| in the "parser" attribute, above. | |
| Available parsers: | |
| * org.opennms.netmgt.syslogd.CustomSyslogParser: A backwards-compatible parser that has the same behavior | |
| as OpenNMS 1.8 (and previous). It has relaxed standards and can usually pull data out of most BSD- | |
| or Syslog-NG-style traps. | |
| * org.opennms.netmgt.syslogd.RadixTreeSyslogParser: This parser uses a set of patterns to match all | |
| RFC 3164, RFC 5424, and syslog-ng message formats. Because it is the most flexible parser, it is the | |
| preferred implementation in most cases. Like the legacy Rfc5424SyslogParser, it currently discards | |
| RFC 5424 structured data. It ignores the forwarding-regexp, matching-group-host, and matching-group-message | |
| parameters in favor of using an internal set of patterns. | |
| * DEPRECATED: org.opennms.netmgt.syslogd.SyslogNGParser: A stricter variant of the CustomSyslogParser which parses | |
| Syslog-NG's default format. It ignores forwarding-regexp, matching-group-host, and matching-group-message | |
| and instead relies on a well-known properly-formatted syslog message. | |
| * DEPRECATED: org.opennms.netmgt.syslogd.Rfc5424SyslogParser: A parser that handles the new Syslog standard (as | |
| defined in RFC5424). It has strict parsing that should match the grammar specified in the RFC, although | |
| it currently discards structured data. Like the SyslogNGParser, it ignores forwarding-regexp, | |
| matching-group-host, and matching-group-message in favor of stricter parsing of the known grammer. | |
| *** PERFORMANCE NOTES *** | |
| For the most deterministic performance of OpenNMS when matching syslog messages, you should *always* | |
| anchor your regular expression matches with ^ and $, like in the examples below. Failure to do so can | |
| cause extreme slowdowns, especially with large amounts of <ueiMatch> tags. | |
| --> | |
| <!-- Custom syslog configs go here --> | |
| <import-file>syslog/hpe.demo.parser.xml</import-file> | |
| <import-file>syslog/ApacheHTTPD.syslog.xml</import-file> | |
| <import-file>syslog/LinuxKernel.syslog.xml</import-file> | |
| <import-file>syslog/NetgearProsafeSmartSwitch.syslog.xml</import-file> | |
| <import-file>syslog/OpenSSH.syslog.xml</import-file> | |
| <import-file>syslog/OpenWrt.syslog.xml</import-file> | |
| <import-file>syslog/Procmail.syslog.xml</import-file> | |
| <import-file>syslog/Postfix.syslog.xml</import-file> | |
| <import-file>syslog/Sudo.syslog.xml</import-file> | |
| </syslogd-configuration> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment