Syslog-ng not triggering Python script

Question

I am currently trying to setup a Syslog application to trigger a certain python script when a certain message is found however I'm having trouble calling the python script. Below is the current config file.

To confirm, I am seeing logs into the log destination, however the program destination isn't working for some reason.

For information I've been using https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/reference-filters.html#filter-message

and also https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/patterndb-actions-external.html

as a reference, the config is a bit messy but that's because I'm still in the initial stages.

@version: 3.5
@include "scl.conf"
@include "`scl-root`/system/tty10.conf"

# Syslog-ng configuration file, compatible with default Debian syslogd
# installation.

# First, set some global options.
options { chain_hostnames(off); flush_lines(1); use_dns(no); use_fqdn(no);
          owner("root"); group("adm"); perm(0640); stats_freq(0); keep-        
hostname(yes);
};


#destination dest_triggers{ program("/bin/echo 'haha' >> /tmp/test");};
destination dest_triggers{ program("python             
/home/jonathan/PycharmProjects/FYP/syslog.py >> /tmp/testfile");};
filter int_down_trigger {
        message(".*changed state to down");
};
source s_net { syslog(transport("udp"));};
destination d_network_local { file("/var/log/messages_${HOST}"); };
log{source(s_net); destination(d_network_local); };

#log{source(s_net); filter(int_down_trigger); destination(dest_triggers); };
log{source(s_net);  destination(dest_triggers); };

@include "/etc/syslog-ng/conf.d/*.conf"

Python Script:

import time
    with open('downlog', 'a+') as f:
        f.write(time.strftime("%A, %d %B - %X" )+"A link went down\n")
        f.close()

To add to this, when I tried the currently commented out destination of program with using echo that worked, although it did keep adding to the test file till I eventually re-started. But reverting to the python destination didn't work — ggjono, Jan 25 '18 at 21:25
Hi, in your post you mention the a link to external actions using a pattern database, but you do not use it in your config. For details about the program destination, see https://syslog-ng.com/documents/html/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/configuring-destinations-program.html. Also, try running syslog-ng with the -Fevd comman-line options, or check the output of the internal() source to see if there are any error messages about your python destination. — Robert Fekete, Jan 26 '18 at 07:45
So I'm currently ignoring the filter for running the python script. If you check the log line I have currently have active it will trigger the python script for every log, I wanted this to ensure it worked before adding in the filter. The issue is that I can't trigger the python script. I've added in the -Fevd command you suggested and Its given me a huge dump of output You can see the output here: https://pastebin.com/dMFZaxFB Note there should be no logs as nothing was connected to my device. — ggjono, Jan 29 '18 at 12:46
Okay update, i've been playing around a bit and it seems to be running, it was opening the file in my home directory rather than where my script was... so thats why I didn't find it. However as you can see from the paste above it's creating large amounts of spurious logs. the paste above is from a few seconds. the other log statement I have doesn't seem to have the issue and isn't reporting any logs? Is there any reason why its doing this? — ggjono, Jan 29 '18 at 20:00

Syslog-ng not triggering Python script

0 Answers0