Install Centreon Syslog server

Install Centreon Syslog server

Install Centreon Syslog server 491 250 Roderick Derks

Starting point: Centreon 2.1.12 Centos 5.5

1. U will need ssh2 library to work in php and apache

# yum install php-pecl-ssh2.x86_64
# service httpd restart

Centos 6.2 get the package from

rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm


tar xvzf libssh2-1.4.2.tar.gz
cd libssh2-1.4.2
make install

Check if ssh2 library is correctly installed:

# php -i |grep ssh
Registered PHP Streams => php, file, http, ftp, compress.bzip2, compress.zlib, https, ftps,, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp
libssh2 version => 1.2.6
banner => SSH-2.0-libssh2_1.2.6

2. Download and install the centreon-syslog-server
Log into and download the latest release.
# tar -zxvf centreon-syslog-server-1.3.3.tar.gz
# cd centreon-syslog-server-1.3.3.tar.gz
# ./ -i
go thru the interactive setup, u will need the mysql root pass.
Make note of the new syslog user created

3. Download and install centreon-syslog-frontend
Log into and download the latest release.
# cd centreon-syslog-frontend-1.2.1.tar.gz
# ./ -i

the folder of “instCentWeb.conf” should be /etc/centreon

4. Go on Centreon web interface
Go on menu ‘Administration > Modules > Setup’.
Syslog module must be present on modules list but not installed.
Click on right icon to start installation

5. Go on menu ‘Administration > Modules > Syslog configuration’.
Fill the fields

6. Go on menu ‘Monitoring > Syslog > Monitoring’

7. Install rsyslog

# yum install rsyslog.x86_64  rsyslog-mysql
# vi /etc/rsyslog.conf

Insert at the beginig of the file these parameter to enable UDP and TCP input

$ModLoad MySQL
$AllowedSender UDP,,
$AllowedSender TCP,,

Change network to your network.
And then paste these lines (there are two lines) at the end of the file:

# Configuration changes for Windows/Snare/Centreon-E2S logs
$EscapeControlCharactersOnReceive off

$template sysMysql,"INSERT INTO logs (host,facility, priority,level,tag,datetime,program,msg) VALUES ('%HOSTNAME%','%syslogfacility%','%syslogpriority%','%syslogseverity%','%syslogtag%','%timereported:::date-mysql%','%programname%', '%msg:::space-cc%')", SQL


       *.=warning >

Change IP_SERVEUR_DB, DB_NAME, BD_USER et DB_PASSWORD to your information.

Edit the file "rsyslog" to receive syslog events, also listen on UDP TCP on port 514 :
# vi /etc/sysconfig/rsyslog

Replace the line:

By this line:
SYSLOGD_OPTIONS="-r514 -t514 -m 0"

Restart the syslog daemon :
# /etc/init.d/rsyslog start

Make sure the centreon server rsyslog is listening in port UDP 514

7. Windows logs to Syslog server:

Install DotNET framework 2 or higher
Install Centreon E2S and edit the xml file (add ip address syslog server)

On windows machine install the Centreon E2S, wich will forward
the events you filter to the syslog centreon server.
download from here:

Change in the config.ini file the IP address of the server

9. Linux Fedora/RedHat/Centos logs to Syslog server

# vi /etc/rsyslog.conf

and add:

# RRD to syslog server
*.emerg;cron;*.info;authpriv.*                          @

then restart rsyslog

# /etc/init.d/rsyslog restart

10. ESXi

Go to the VI clinet and open the ESXi server config pages. Go to "Advanced Settings" and find the Syslog entry. Add the ip address of the syslog server. But wait.. ESXi messages messed up my Centreon Syslog server, so I created a thread on the centreon forum to ask for advice.

Roderick Derks

Liefhebber van fietsen, van het oplossen van IT puzzels, en van het delen van informatie om anderen te helpen.

All stories by:Roderick Derks

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Your Name (required)

Your Email (required)


Your Message

Your Name (required)

Your Email (required)


Your Message