CMK version: 2.0.0p25 (CEE) OS version: Ubuntu 20.04.5 LTS
Hey,
I don’t know I guess it’s not realy a cmk problem but maybe someone can help me neverless.
I have a source host in a subnet witch is sending syslog messages to our cmk-server. The cmk-server is behind a firewall and we use nat to translate the dest-adress to the local cmk-server IP.
So the syslog trap goes to the IP3 address and then nat translates the destination to IP1.
In the eventconsole the source that is shown for the trap is IP2 - the gateway for the cmk-server.
Could it be that the syslog package itself is wrong?
the problem is, that the syslog message contains no information witch of my 50 hosts has sent that trap, so rewrite just works if I can identify the real host.
Could it be a solution to place a syslog-collector in my subnet and connect that VM to the CMK-Server.
That VM could forward the collected messages to CMK or CMK can collect messages from there.
Looks like Checkmk has no syslog-collector. I belive a distributed monitoring site is the way to go.
The syslog-collector would see the “real” IP of the Trap Sender, but if it forward the syslog messages to your cmk-server the real IP would be lost again…
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.