• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1607
  • Last Modified:

syslog

I have a sun machine which installed with solaris 8. I want to use it as a syslog server for messages that are sent from a cisco router.
 I have done the following
1.on the cisco router
    ->logging on
    ->logging ip_address
    ->logging facility local7
    ->logging trap debug
2. On the sun workstation
   ->I have edited the syslog.conf file by adding
       local7.debug    /var/adm/log (there are five tabs between local7.debug and /var/adm/log  no space)
   ->I have created the file /var/adm/log
   ->I have changed the file attribute mode as -rwxrwxrwx.(chmod 777)
   -> Force the syslog process (syslogd) to read the new configuration file by typing:
   -># kill -HUP cat /etc/syslog.pid
but the last command has an error such as
      "there is no such pid"
If I restarted the sun machine the syslogd process started. But the messages are not found in the file.
     When  I see the router by typing
             sh logging
     there are messages that are logged to the sun  machine.
0
abradf
Asked:
abradf
1 Solution
 
sunnycoderCommented:
Hi abradf,

> # kill -HUP cat /etc/syslog.pid

# kill -HUP `cat /etc/syslog.pid`

note the backticks


Sunnycoder
0
 
sunnycoderCommented:
you can also try /etc/init.d/syslog restart for forcing syslod to re-read its configuration
0
 
rhuggaCommented:

First test your changes to /etc/syslog.conf with the logger utility. This allows you to submit log entries to syslog using the same routines an application would use. Eliminate the cisco router from the picture until you know the Solaris box is configured correctly. If logger is failing, make sure you used TABs in your /etc/syslog.conf file , not spaces.

After checking /etc/syslog.conf, make sure that syslogd is even accepting remote connections:

netstat -na | grep LIST | grep 514

You should see something like this:
      *.514                *.*                0      0 65536      0 LISTEN
      *.514                *.*                0      0 65536      0 LISTEN

Next check your network path to the cisco router. (check for firewalls, bad routes, bad arp, etc.....)

Lastly, make sure syslogd is not being started with the -t option (which is doesn't by default)

You can also turn on a debug mode to syslogd with the -d option.

Relevant man pages: syslogd, logger, syslog.conf

-chuck




0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
TintinCommented:
There is no need to set perms to 777.  It should be 640 or perhaps 644.

You can also do a restart by doing

pkill HUP syslogd
0
 
CadburyKatCommented:
use logger.  This is installed by default with Solaris 8 and 9.  You can send messages from a remote system to the syslog facility you specify.

This will take the Solaris part out of it.

The next step will be to diagnose the cisco end of things.

I am doing the exact thing you are trying to do.  It can be done.



man logger
0
 
elf_binCommented:
I thought .pid files usually went in /var/run/, perhaps you've made a mistake?

Just a thought...
0
 
TintinCommented:
There's no real standard for pid files.  Older versions of Solaris used /etc/syslog.pid, but on recent versions, you'll notice that that's actually a link to /var/run/syslog.pid
0
 
sunnycoderCommented:
Liddler,

I think http:#10755265 is the correct answer
0
 
liddlerCommented:
Sunnycoder
>>If I restarted the sun machine the syslogd process started. But the messages are not found in the file.

You were right about how to use ``, but the comment above seems to say they were not logged ?!?
0
 
sunnycoderCommented:
you are right ... I somehow missed that part ...

Just for the sake of solution being in the PAQ ...

You need to restart the syslogd with -r option ... by default, syslog does not log messages sent by the remote machine.
0
 
moduloCommented:
PAQed - no points refunded (of 250)

modulo
Community Support Moderator
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now