Tech or Treat! Write an article about your scariest tech disaster to win gadgets!Learn more

x
?
Solved

syslog

Posted on 2004-04-04
12
Medium Priority
?
1,602 Views
Last Modified: 2013-12-27
I have a sun machine which installed with solaris 8. I want to use it as a syslog server for messages that are sent from a cisco router.
 I have done the following
1.on the cisco router
    ->logging on
    ->logging ip_address
    ->logging facility local7
    ->logging trap debug
2. On the sun workstation
   ->I have edited the syslog.conf file by adding
       local7.debug    /var/adm/log (there are five tabs between local7.debug and /var/adm/log  no space)
   ->I have created the file /var/adm/log
   ->I have changed the file attribute mode as -rwxrwxrwx.(chmod 777)
   -> Force the syslog process (syslogd) to read the new configuration file by typing:
   -># kill -HUP cat /etc/syslog.pid
but the last command has an error such as
      "there is no such pid"
If I restarted the sun machine the syslogd process started. But the messages are not found in the file.
     When  I see the router by typing
             sh logging
     there are messages that are logged to the sun  machine.
0
Comment
Question by:abradf
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 45

Expert Comment

by:sunnycoder
ID: 10755265
Hi abradf,

> # kill -HUP cat /etc/syslog.pid

# kill -HUP `cat /etc/syslog.pid`

note the backticks


Sunnycoder
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 10755285
you can also try /etc/init.d/syslog restart for forcing syslod to re-read its configuration
0
 
LVL 1

Expert Comment

by:rhugga
ID: 10757864

First test your changes to /etc/syslog.conf with the logger utility. This allows you to submit log entries to syslog using the same routines an application would use. Eliminate the cisco router from the picture until you know the Solaris box is configured correctly. If logger is failing, make sure you used TABs in your /etc/syslog.conf file , not spaces.

After checking /etc/syslog.conf, make sure that syslogd is even accepting remote connections:

netstat -na | grep LIST | grep 514

You should see something like this:
      *.514                *.*                0      0 65536      0 LISTEN
      *.514                *.*                0      0 65536      0 LISTEN

Next check your network path to the cisco router. (check for firewalls, bad routes, bad arp, etc.....)

Lastly, make sure syslogd is not being started with the -t option (which is doesn't by default)

You can also turn on a debug mode to syslogd with the -d option.

Relevant man pages: syslogd, logger, syslog.conf

-chuck




0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 48

Expert Comment

by:Tintin
ID: 10761393
There is no need to set perms to 777.  It should be 640 or perhaps 644.

You can also do a restart by doing

pkill HUP syslogd
0
 
LVL 2

Expert Comment

by:CadburyKat
ID: 10822565
use logger.  This is installed by default with Solaris 8 and 9.  You can send messages from a remote system to the syslog facility you specify.

This will take the Solaris part out of it.

The next step will be to diagnose the cisco end of things.

I am doing the exact thing you are trying to do.  It can be done.



man logger
0
 
LVL 10

Expert Comment

by:elf_bin
ID: 11247902
I thought .pid files usually went in /var/run/, perhaps you've made a mistake?

Just a thought...
0
 
LVL 48

Expert Comment

by:Tintin
ID: 11255884
There's no real standard for pid files.  Older versions of Solaris used /etc/syslog.pid, but on recent versions, you'll notice that that's actually a link to /var/run/syslog.pid
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11354065
Liddler,

I think http:#10755265 is the correct answer
0
 
LVL 18

Expert Comment

by:liddler
ID: 11354241
Sunnycoder
>>If I restarted the sun machine the syslogd process started. But the messages are not found in the file.

You were right about how to use ``, but the comment above seems to say they were not logged ?!?
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11354373
you are right ... I somehow missed that part ...

Just for the sake of solution being in the PAQ ...

You need to restart the syslogd with -r option ... by default, syslog does not log messages sent by the remote machine.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11387602
PAQed - no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses

647 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question