• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 587
  • Last Modified:

Logging Linux to a central syslog server

I am trying to setup my linux server to send syslog messages to a centrol syslog server. I have added the central server to the syslog.conf, however, I am only receiving cron messages. I thought I have set this up correctly so that it sent all messages of level info or higher. Can someone look at my config below and tell me why for instance, I am not getting notices of when users connect via SSH, log in etc. I thought I would recieve them with this setup? Basically, I want everything logged and sent to this central server.

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log


*.* @

2 Solutions
try this out

user.*      @

and also see man page of "logger" command here u can get all details about facility and priorities
As you are trying to log all messages to a central server ( please comment all lines in your syslog.conf except "*.* @" and restart the syslog daemon "service syslog restart".
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now