IDPA:錯誤:在 ACM 上設定遠端記錄 (系統記錄轉送) 時,組態列中的額外字元遭到忽略:
Summary: 錯誤「忽略組態列中的額外字元:「*」[v8.2106.0]」,而在 ACM 上設定遠端記錄 (系統記錄轉送)。此問題與 ACM 上的遠端記錄 (系統記錄轉送) 組態有關。錯誤訊息「組態列中的額外字元遭忽略:嘗試重新啟動 rsyslog 服務時遇到「*」[v8.2106.0]」,這會阻止將記錄轉送至遠端伺服器。
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
嘗試使用以下命令重新啟動 rsyslog 服務時,作業失敗。
使用以下命令檢查 rsyslog 的狀態時,會顯示錯誤訊息:
此錯誤會阻止將日誌轉發到遠端伺服器。此問題可以追溯到 /etc/rsyslog.conf 檔案中必須移除的無關「*」。
systemctl restart
使用以下命令檢查 rsyslog 的狀態時,會顯示錯誤訊息:
systemctl status rsyslog
error: extra characters in config line ignored: ‘’ [v8.2106.0]"
此錯誤會阻止將日誌轉發到遠端伺服器。此問題可以追溯到 /etc/rsyslog.conf 檔案中必須移除的無關「*」。
# systemctl status rsyslog ● rsyslog.service - System Logging Service Loaded: loaded (/usr/lib/systemd/system/rsyslog.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2024-04-02 14:32:04 UTC; 6s ago Docs: man:rsyslogd(8) http://www.rsyslog.com/doc/ Process: 27195 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS) Process: 40849 ExecStartPre=/usr/sbin/rsyslog-service-prepare (code=exited, status=0/SUCCESS) Main PID: 40853 (rsyslogd) Tasks: 10 (limit: 512) CGroup: /system.slice/rsyslog.service └─40853 /usr/sbin/rsyslogd -n -iNONE Apr 02 14:32:04 acm-8300-crk systemd[1]: Starting System Logging Service... Apr 02 14:32:04 acm-8300-crk systemd[1]: Started System Logging Service. Apr 02 14:32:04 acm-8300-crk rsyslogd[40853]: error: extra characters in config line ignored: '*' [v8.2106.0] Apr 02 14:32:04 acm-8300-crk rsyslogd[40853]: warning: ~ action is deprecated, consider using the 'stop' statement instead [v8.2106.0 try https://www.rsyslog.com/e/2307 ] Apr 02 14:32:04 acm-8300-crk rsyslogd[40853]: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd. [v8.2106.0] Apr 02 14:32:04 acm-8300-crk rsyslogd[40853]: origin software="rsyslogd" swVersion="8.2106.0" x-pid="40853" x-info="[https://www.rsyslog.com start
Cause
此錯誤是由 /etc/rsyslog.conf 檔案中存在的額外星號 (「*」) 所造成。應將其刪除,以便系統日誌轉發的正確配置和運行。
Resolution
1. 確認已安裝 rsyslog 套件:
acm:~ # rpm -qa |grep rsyslog rsyslog-8.24.0-3.39.1.x86_64
2. 確認 rsyslog 服務已啟用:
acm:~ # systemctl is-enabled rsyslog enabled
3. 在文字編輯器中開啟 /etc/rsyslog.conf。
移除以下行中的「*」,然後新增系統記錄項目。
移除以下行中的「*」,然後新增系統記錄項目。
$template RemoteLogs,"/data01/logs/ESX/%HOSTNAME%/%PROGRAMNAME%.log"* =>Extra
$template RemoteLogs,"/data01/logs/ESX/%HOSTNAME%/%PROGRAMNAME%.log"
*.* ?RemoteLogs
&~
變更後
$template RemoteLogs,"/data01/logs/ESX/%HOSTNAME%/%PROGRAMNAME%.log" $template RemoteLogs,"/data01/logs/ESX/%HOSTNAME%/%PROGRAMNAME%.log" *.* @xxx.xxx.xxx.xxx:514 &~其中 xxx.xxx.xxx.xxx 是遠端紀錄記錄主機的 IP 位址。
4.儲存並關閉檔案。
:wq!5.輸入下列命令,以重新啟動 rsyslog 程序:
# systemctl restart rsyslog
Affected Products
Integrated Data Protection Appliance FamilyProducts
Integrated Data Protection Appliance SoftwareArticle Properties
Article Number: 000225742
Article Type: Solution
Last Modified: 20 June 2024
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.