syslog-ng-query — Query metrics and statistic data from a running syslog-ng Premium Edition instance
syslog-ng-query
[command] [options]
NOTE: The syslog-ng-query application is distributed with the syslog-ng Premium Edition system logging application, and is usually part of the syslog-ng package. The latest version of the syslog-ng application is available at the syslog-ng page.
This manual page is only an abstract, for the complete documentation of syslog-ng, see the syslog-ng Documentation page.
The syslog-ng-query application is a utility that can be used to query metrics and statistic data from a running syslog-ng Premium Edition instance.
The syslog-ng PE application stores various data, metrics, and statistics in a hierarchical data structure tree (syslog-ng
is the root node of the tree). The nodes of the tree can contain properties (but not every node contains properties). Every property has a name and a value. For example:
[syslog-ng] | |_[destinations]-[network]-[tcp]->[stats]->{received:12;dropped:2} | |_[sources]-[sql]-[stats]->{reveived:501;dropped:0}
You can query the nodes of this tree, and also use filters to select the information you need. A query is actually a path in the tree. You can also use the ?
and *
wildcards. For example:
Select every property: *
Select all dropped
value from every stats
node: *.stats.dropped
The nodes and properties available in the tree depend on your syslog-ng PE configuration (that is, the sources, destinations, and other objects you have configured), and also on your stats-level()
settings.
syslog-ng-query list
Use the syslog-ng-query list command to display the list of metrics that syslog-ng PE collects about the processed messages. For details about the displayed metrics, see the syslog-ng Documentation page.
An example output:
stats center.received.stats.processed center.queued.stats.processed destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.dropped destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.processed destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.stored destination.d_elastic.stats.processed source.s_tcp.stats.processed source.severity.7.stats.processed source.severity.0.stats.processed source.severity.1.stats.processed source.severity.2.stats.processed source.severity.3.stats.processed source.severity.4.stats.processed source.severity.5.stats.processed source.severity.6.stats.processed source.facility.7.stats.processed source.facility.16.stats.processed source.facility.8.stats.processed source.facility.17.stats.processed source.facility.9.stats.processed source.facility.18.stats.processed source.facility.19.stats.processed source.facility.20.stats.processed source.facility.0.stats.processed source.facility.21.stats.processed source.facility.1.stats.processed source.facility.10.stats.processed source.facility.22.stats.processed source.facility.2.stats.processed source.facility.11.stats.processed source.facility.23.stats.processed source.facility.3.stats.processed source.facility.12.stats.processed source.facility.4.stats.processed source.facility.13.stats.processed source.facility.5.stats.processed source.facility.14.stats.processed source.facility.6.stats.processed source.facility.15.stats.processed source.facility.other.stats.processed global.payload_reallocs.stats.processed global.msg_clones.stats.processed global.sdata_updates.stats.processed tag..source.s_tcp.stats.processed
syslog-ng-query sum
[options]
The syslog-ng-query sum <query> command lists the nodes that match the query, and their values. For example, the syslog-ng-query sum "destination*" command lists the configured destinations, and the metrics related to each destination. An example output:
destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.dropped: 0 destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.processed: 0 destination.java.d_elastic#0.java_dst(ElasticSearch,elasticsearch-syslog-ng-test,t7cde889529c034aea9ec_micek).stats.stored: 0 destination.d_elastic.stats.processed: 0
The syslog-ng-query sum command has the following options:
Add up the result of each matching node and return only a single number.
For example, the syslog-ng-query sum --aggregate "destination*.dropped" command displays the number of messages dropped by the syslog-ng PE instance.
The syslog-ng Documentation page
|
NOTE:
For the detailed documentation of syslog-ng PE see the syslog-ng Documentation page If you experience any problems or need help with syslog-ng, visit the syslog-ng FAQ or the syslog-ng mailing list. For news and notifications about of syslog-ng, visit the syslog-ng Blog. |
This manual page was written by the One Identity Documentation Team <documentation@balabit.com>.
Copyright© 2000-2018One Identity. Published under the Creative Commons Attribution-Noncommercial-No Derivative Works (by-nc-nd) 3.0 license. For details, see https://creativecommons.org//. The latest version is always available at the syslog-ng Documentation page.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center