Solved

SYSLOG

Posted on 2003-11-27
6
780 Views
Last Modified: 2008-02-01
Hi sunnycoder,

Here is what i have managed to do till now.
1. I have made the client machines to forward thier logs to a single SYSLOG server by editing thier syslog.conf. I have also configured the MAXTNT to forward its  logs to to the syslog server.
2. It is confirmed that  enrty   "  syslog                      514/udp   "       exists in /etc/services.
3. I have changed the /etc/sysconfig/syslog            SYSLOGD_OPTIONS = " -m 0 -r " .
4. Restarted the syslog and verified that -r  option is activated.

Now I need to know what should  I do to separate local machine's logs and network machines logs. What if I want to store MAXTNT's / Cisco Router / Cisco Switch logs in a separate directory. I know that I should be  editing the file syslog.conf, but what should I put there ?
 
Thanks....
ATIQAHMED.
0
Comment
Question by:atiqahmed
  • 2
  • 2
6 Comments
 
LVL 40

Accepted Solution

by:
jlevie earned 25 total points
ID: 9832665
The standard syslog daemon on most Linux distributions isn't capable of logging to different files based on the system source of the messages. I believe that syslog-ng (see http://www.balabit.com/products/syslog_ng/)  can do this.
0
 
LVL 44

Assisted Solution

by:Karl Heinz Kremer
Karl Heinz Kremer earned 25 total points
ID: 9833431
The syslog-ng sample configuration file at http://www.campin.net/syslog-ng.conf shows (near the end of the file) under the heading "automatic host sorting (usually used on a loghost)" how you can use different log files for different machines.

jlevie is right that the standard Linux syslogd does not support this.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10179707
Split between jlevie & khkremer
0
 
LVL 44

Expert Comment

by:Karl Heinz Kremer
ID: 10306551
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Split between jlevie and khkremer
Please leave any comments here within the next four days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

khkremer
EE Cleanup Volunteer
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now