Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 787
  • Last Modified:

SYSLOG

Hi sunnycoder,

Here is what i have managed to do till now.
1. I have made the client machines to forward thier logs to a single SYSLOG server by editing thier syslog.conf. I have also configured the MAXTNT to forward its  logs to to the syslog server.
2. It is confirmed that  enrty   "  syslog                      514/udp   "       exists in /etc/services.
3. I have changed the /etc/sysconfig/syslog            SYSLOGD_OPTIONS = " -m 0 -r " .
4. Restarted the syslog and verified that -r  option is activated.

Now I need to know what should  I do to separate local machine's logs and network machines logs. What if I want to store MAXTNT's / Cisco Router / Cisco Switch logs in a separate directory. I know that I should be  editing the file syslog.conf, but what should I put there ?
 
Thanks....
ATIQAHMED.
0
atiqahmed
Asked:
atiqahmed
  • 2
  • 2
2 Solutions
 
jlevieCommented:
The standard syslog daemon on most Linux distributions isn't capable of logging to different files based on the system source of the messages. I believe that syslog-ng (see http://www.balabit.com/products/syslog_ng/)  can do this.
0
 
Karl Heinz KremerCommented:
The syslog-ng sample configuration file at http://www.campin.net/syslog-ng.conf shows (near the end of the file) under the heading "automatic host sorting (usually used on a loghost)" how you can use different log files for different machines.

jlevie is right that the standard Linux syslogd does not support this.
0
 
jlevieCommented:
Split between jlevie & khkremer
0
 
Karl Heinz KremerCommented:
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
Split between jlevie and khkremer
Please leave any comments here within the next four days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

khkremer
EE Cleanup Volunteer
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now