Home
  •  

Process Syslog Service Health

Microsoft.Linux.SLES.9.Process.Syslog.Monitor (UnitMonitor)

SUSE Linux Enterprise Server 9 Process Syslog Monitor

Knowledge Base article:

Summary

This monitor checks the status of the syslog daemon by running a WSMan query to see if the syslog daemon is running. If you receive an alert from this monitor, check the Diagnostic and Recovery results to see if further action is required.

Causes

An unhealthy state indicates that the Syslog daemon is currently unavailable.

Resolutions

Check the service on the system by running 'ps -ef | grep syslog' or by viewing the diagnostic in the Operations Manager console. If it is down, you can start the process using the command "/etc/init.d/syslog start" or by clicking the recovery link in the Operations Manager console.

For root cause analysis, first check the system logfile (/var/log/messages), and view any related entries at the time of failure.

Element properties:

TargetMicrosoft.Linux.SLES.9.OperatingSystem
Parent MonitorSystem.Health.AvailabilityState
CategoryAvailabilityHealth
EnabledTrue
Alert GenerateTrue
Alert SeverityError
Alert PriorityNormal
Alert Auto ResolveTrue
Monitor TypeMicrosoft.Unix.WSMan.Process.Status.MonitorType
RemotableTrue
AccessibilityPublic
Alert Message
Syslog is not running
The syslog daemon on server {0} is not running.
RunAsDefault

Source Code:

<UnitMonitor ID="Microsoft.Linux.SLES.9.Process.Syslog.Monitor" Accessibility="Public" Target="Microsoft.Linux.SLES.9.OperatingSystem" TypeID="Unix!Microsoft.Unix.WSMan.Process.Status.MonitorType" Enabled="true" ParentMonitorID="SystemHealth!System.Health.AvailabilityState">

  <Category>AvailabilityHealth</Category>

  <AlertSettings AlertMessage="Microsoft.Linux.SLES.9.Process.Syslog.AlertMessage">

    <AlertOnState>Error</AlertOnState>

    <AutoResolve>true</AutoResolve>

    <AlertPriority>Normal</AlertPriority>

    <AlertSeverity>Error</AlertSeverity>

    <AlertParameters>

      <AlertParameter1>$Target/Host/Property[Type="Unix!Microsoft.Unix.Computer"]/PrincipalName$</AlertParameter1>

    </AlertParameters>

  </AlertSettings>

  <OperationalStates>

    <OperationalState HealthState="Success" MonitorTypeStateID="Running" ID="Running"/>

    <OperationalState HealthState="Error" MonitorTypeStateID="NotRunning" ID="NotRunning"/>

  </OperationalStates>

  <Configuration>

    <TargetSystem>$Target/Host/Property[Type="Unix!Microsoft.Unix.Computer"]/NetworkName$</TargetSystem>

    <ProcessName>syslogd</ProcessName>

    <Interval>300</Interval>

  </Configuration>

</UnitMonitor>