jdenver247
asked on
syslog to syslog-ng
Hello,
Can I forward syslog messages on my server to syslog-ng server. If so what would be the configuration changes that I have to make in syslog.conf file.
Can I also forward the messages to 2 different servers.
Thanks
Can I forward syslog messages on my server to syslog-ng server. If so what would be the configuration changes that I have to make in syslog.conf file.
Can I also forward the messages to 2 different servers.
Thanks
... and
on your syslog-ng server you should filter the messages by source, to be able to have different destinations per source host.
on your syslog-ng server you should filter the messages by source, to be able to have different destinations per source host.
ASKER
If you have implemented the syslog-ng server . Can you send me sample config file....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks a ton also...If you have the server.conf..Can you please send over..
Sorry, a server.conf doesn't exist!
There is only one config file, see above.
The startup options:
Usage: syslog-ng [options]
Accept and manage system log messages
Options:
-s, --syntax-only Only read and parse config file
-d, --debug Turn on debugging messages
-v, --verbose Be a bit more verbose
-F, --foreground Don't fork into background
-f <fname>, --cfgfile=<fname> Set config file name, default=/usr/local/etc/sys
-V, --version Display version number (syslog-ng 1.6.8)
-p <fname>, --pidfile=<fname> Set pid file name, default=/var/run/syslog-ng
-C <dir>, --chroot=<dir> Chroot to directory
-u <user>, --user=<user> Switch to user
-g <group>, --group=<group> Switch to group
That's all.
wmp
There is only one config file, see above.
The startup options:
Usage: syslog-ng [options]
Accept and manage system log messages
Options:
-s, --syntax-only Only read and parse config file
-d, --debug Turn on debugging messages
-v, --verbose Be a bit more verbose
-F, --foreground Don't fork into background
-f <fname>, --cfgfile=<fname> Set config file name, default=/usr/local/etc/sys
-V, --version Display version number (syslog-ng 1.6.8)
-p <fname>, --pidfile=<fname> Set pid file name, default=/var/run/syslog-ng
-C <dir>, --chroot=<dir> Chroot to directory
-u <user>, --user=<user> Switch to user
-g <group>, --group=<group> Switch to group
That's all.
wmp
Ah, I see ...
sorry for the headline in my example config!
This file is fot server and client, except that the client won't contain the external (remote) source etc. statements.
wmp
sorry for the headline in my example config!
This file is fot server and client, except that the client won't contain the external (remote) source etc. statements.
wmp
yes you can.
Enter in syslog .conf e.g.
*.debug @[your.loghost1.com]
Since you could have this more than once, e.g.
*.debug @[your.loghost2.com]
yes, you can forward to more than one host.
wmp