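We want to forward certain events from openNMS (v.23.02 on CentOS 7) via syslog to a server running Windows Server 2012R2. I have set the parameters in syslog-northbounder-configuration.xml as shown below, but I am not seeing anything generated over UDP when capturing with Wireshark (I have also tried TCP). I have also made sure that the specific events named in the configuration are being triggered and can be seen in the opennms events GUI. Each time I edit the configuration xml, I first try to reload the configuration via send-event.pl against the Alarmd daemon. If that doesn't work, I do a full systemctl restart of opennms. What am I missing?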
<syslog-northbounder-config>
  <!-- The following are set to the default values. -->
  <enabled>true</enabled>
  <nagles-delay>1000</nagles-delay>
  <batch-size>100</batch-size>
  <queue-size>300000</queue-size>
  <message-format>ALARM ID:${alarmId} NODE:${nodeLabel} SEV:${severity}; ${logMsg}</message-format>
  <!-- You can specify date format within <date-format>, default is ISO 8601 -->
  <!-- You could do something like the following
  <message-format>ALARM ID:${alarmId} NODE:${nodeLabel} IP:${ipAddr}
  FIRST:${firstOccurrence} LAST:${lastOccurrence}
  COUNT:${count} UEI:${alarmUei} SEV:${severity}
  x733Type:${x733AlarmType} x733Cause:${x733ProbableCause}
  ${logMsg}
  </message-format>
  -->
  <!-- More than one destination is supported -->
  <destination>
    <destination-name>SyslogTest</destination-name>
    <host>10.1.2.1</host>
    <port>514</port>
    <ip-protocol>UDP</ip-protocol>
    <facility>USER</facility>
    <max-message-length>1024</max-message-length>
    <send-local-name>true</send-local-name>
    <send-local-time>true</send-local-time>
    <truncate-message>false</truncate-message>
  </destination>
  <!-- Highly recommended, but not required, to only forward a set of Alarm UEIs -->
  <uei>uei.opennms.org/nodes/nodeDown</uei>
  <uei>uei.opennms.org/nodes/nodeUp</uei>
</syslog-northbounder-config>
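
A path check that is independent of OpenNMS, added here as an example and not part of the original post or of OpenNMS itself: it reads the destinations from a configuration like the one above and sends one test syslog message to each, so a Wireshark capture shows whether the network path and capture filter work at all. The function names, the probe text and the NOTICE severity are assumptions; `SAMPLE_CONFIG` is a constructed, trimmed copy of the posted file.

```python
import socket
import xml.etree.ElementTree as ET

# Constructed sample: trimmed copy of the configuration shown in the post.
SAMPLE_CONFIG = """<syslog-northbounder-config>
  <enabled>true</enabled>
  <destination>
    <destination-name>SyslogTest</destination-name>
    <host>10.1.2.1</host>
    <port>514</port>
    <ip-protocol>UDP</ip-protocol>
    <max-message-length>1024</max-message-length>
  </destination>
  <uei>uei.opennms.org/nodes/nodeDown</uei>
  <uei>uei.opennms.org/nodes/nodeUp</uei>
</syslog-northbounder-config>"""

FACILITY_USER = 1    # syslog facility code for "user" (matches <facility>USER)
SEVERITY_NOTICE = 5  # assumed severity for the probe message

def load_destinations(xml_text):
    """Return (enabled, destinations, uei_filters) parsed from the config."""
    root = ET.fromstring(xml_text)
    enabled = (root.findtext("enabled") or "").strip().lower() == "true"
    dests = [{
        "name": d.findtext("destination-name"),
        "host": d.findtext("host"),
        "port": int(d.findtext("port")),
        "protocol": d.findtext("ip-protocol").upper(),
        "max_len": int(d.findtext("max-message-length")),
    } for d in root.findall("destination")]
    return enabled, dests, [u.text.strip() for u in root.findall("uei")]

def build_probe(dest, text="northbounder path test"):
    """Build a syslog line with PRI = facility * 8 + severity, capped in length."""
    pri = FACILITY_USER * 8 + SEVERITY_NOTICE
    return f"<{pri}>{text} dest={dest['name']}".encode()[:dest["max_len"]]

def send_probe(dest, timeout=3.0):
    """Send one probe over the destination's configured protocol."""
    payload = build_probe(dest)
    if dest["protocol"] == "UDP":
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.sendto(payload, (dest["host"], dest["port"]))
    else:  # TCP: newline-terminated message
        with socket.create_connection((dest["host"], dest["port"]), timeout) as s:
            s.sendall(payload + b"\n")
    return payload

if __name__ == "__main__":
    enabled, dests, ueis = load_destinations(SAMPLE_CONFIG)
    print("enabled:", enabled, "uei filters:", ueis)
    for d in dests:
        print("sent", send_probe(d), "to", d["host"], d["port"], d["protocol"])
```

If the probe shows up in the capture but alarms from OpenNMS do not, the network path is fine and the remaining checks are on the OpenNMS side.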