jshardlow [http://community.zenoss.org/people/jshardlow] created the discussion

"How can I tell if sudo syslog messages are being dropped?"

To view the discussion, visit: http://community.zenoss.org/message/75063#75063

--------------------------------------------------------------
Hello all,

Just a quick 4.2.x question. Can anyone point me in the right direction to see what may be causing some incoming (sudo) messages to drop? I'm not sure if it's one of my dodgy transforms.

I can see the sudo message coming into zensyslog and I can see it being referenced in zenhub, but I haven't maanged to find out whare something might tell me what is happening to the message.

I've got Event Console showing me all Status/Severity as by default the sudo stuff is sent straight to history which is fine. Nothing is showing up as /Unknown (or anywhere else!) so that can only mean it's been mapped and potentially dropped. I haven't touched the stock mapping of /Security/Sudo/sudo.

Thanks in advance!
--------------------------------------------------------------

Reply to this message by replying to this email -or- go to the discussion on Zenoss Community
[http://community.zenoss.org/message/75063#75063]

Start a new discussion in zenoss-users at Zenoss Community
[http://community.zenoss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2003]