Solved

syslog

Posted on 2004-04-04
12
1,593 Views
Last Modified: 2013-12-27
I have a sun machine which installed with solaris 8. I want to use it as a syslog server for messages that are sent from a cisco router.
 I have done the following
1.on the cisco router
    ->logging on
    ->logging ip_address
    ->logging facility local7
    ->logging trap debug
2. On the sun workstation
   ->I have edited the syslog.conf file by adding
       local7.debug    /var/adm/log (there are five tabs between local7.debug and /var/adm/log  no space)
   ->I have created the file /var/adm/log
   ->I have changed the file attribute mode as -rwxrwxrwx.(chmod 777)
   -> Force the syslog process (syslogd) to read the new configuration file by typing:
   -># kill -HUP cat /etc/syslog.pid
but the last command has an error such as
      "there is no such pid"
If I restarted the sun machine the syslogd process started. But the messages are not found in the file.
     When  I see the router by typing
             sh logging
     there are messages that are logged to the sun  machine.
0
Comment
Question by:abradf
12 Comments
 
LVL 45

Expert Comment

by:sunnycoder
ID: 10755265
Hi abradf,

> # kill -HUP cat /etc/syslog.pid

# kill -HUP `cat /etc/syslog.pid`

note the backticks


Sunnycoder
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 10755285
you can also try /etc/init.d/syslog restart for forcing syslod to re-read its configuration
0
 
LVL 1

Expert Comment

by:rhugga
ID: 10757864

First test your changes to /etc/syslog.conf with the logger utility. This allows you to submit log entries to syslog using the same routines an application would use. Eliminate the cisco router from the picture until you know the Solaris box is configured correctly. If logger is failing, make sure you used TABs in your /etc/syslog.conf file , not spaces.

After checking /etc/syslog.conf, make sure that syslogd is even accepting remote connections:

netstat -na | grep LIST | grep 514

You should see something like this:
      *.514                *.*                0      0 65536      0 LISTEN
      *.514                *.*                0      0 65536      0 LISTEN

Next check your network path to the cisco router. (check for firewalls, bad routes, bad arp, etc.....)

Lastly, make sure syslogd is not being started with the -t option (which is doesn't by default)

You can also turn on a debug mode to syslogd with the -d option.

Relevant man pages: syslogd, logger, syslog.conf

-chuck




0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 48

Expert Comment

by:Tintin
ID: 10761393
There is no need to set perms to 777.  It should be 640 or perhaps 644.

You can also do a restart by doing

pkill HUP syslogd
0
 
LVL 2

Expert Comment

by:CadburyKat
ID: 10822565
use logger.  This is installed by default with Solaris 8 and 9.  You can send messages from a remote system to the syslog facility you specify.

This will take the Solaris part out of it.

The next step will be to diagnose the cisco end of things.

I am doing the exact thing you are trying to do.  It can be done.



man logger
0
 
LVL 10

Expert Comment

by:elf_bin
ID: 11247902
I thought .pid files usually went in /var/run/, perhaps you've made a mistake?

Just a thought...
0
 
LVL 48

Expert Comment

by:Tintin
ID: 11255884
There's no real standard for pid files.  Older versions of Solaris used /etc/syslog.pid, but on recent versions, you'll notice that that's actually a link to /var/run/syslog.pid
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11354065
Liddler,

I think http:#10755265 is the correct answer
0
 
LVL 18

Expert Comment

by:liddler
ID: 11354241
Sunnycoder
>>If I restarted the sun machine the syslogd process started. But the messages are not found in the file.

You were right about how to use ``, but the comment above seems to say they were not logged ?!?
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11354373
you are right ... I somehow missed that part ...

Just for the sake of solution being in the PAQ ...

You need to restart the syslogd with -r option ... by default, syslog does not log messages sent by the remote machine.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 11387602
PAQed - no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IBM flash storage 840 15 64
Python Assistance 7 81
Cygwin VIM in WIndows 2007: Unable to copy text to Windows 10 65
problem creating new luks volume on new VM disk 5 92
My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question