I have a 64bit centos 5.2 system. My router supports sending logs to a syslog server, so I was hoping to send them to my centos box so they are easier to keep an eye on.
I've been googling for howto's etc, but I didn't think syslog would be that difficult. Do I need to use syslog-ng or can I use the syslog that's installed with centos 5.2?
Any suggestions or guidance?
Thanks, James
Syslog (or rsyslog) will do..
Have a look at /etc/sysconfig/(r)syslog
Cheers,
Bart
----- Original Message ----- From: "James Pifer" jep@obrien-pifer.com To: "CentOS" centos@centos.org Sent: Tuesday, July 29, 2008 8:32:19 PM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna Subject: [CentOS] syslog question
I have a 64bit centos 5.2 system. My router supports sending logs to a syslog server, so I was hoping to send them to my centos box so they are easier to keep an eye on.
I've been googling for howto's etc, but I didn't think syslog would be that difficult. Do I need to use syslog-ng or can I use the syslog that's installed with centos 5.2?
Any suggestions or guidance?
Thanks, James
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Pifer wrote: | I have a 64bit centos 5.2 system. My router supports sending logs to a | syslog server, so I was hoping to send them to my centos box so they are | easier to keep an eye on. |
On your CentOS box, edit /etc/sysconfig/syslog. The comments in the file should be sufficient.
- -- Milton Calnek BSc, A/Slt(Ret.) milton@calnek.com 306-717-8737
James Pifer wrote: | I have a 64bit centos 5.2 system. My router supports sending logs to a | syslog server, so I was hoping to send them to my centos box so they are | easier to keep an eye on. |
On your CentOS box, edit /etc/sysconfig/syslog. The comments in the file should be sufficient.
Yeah, that was pretty easy. Any way to get it to save logs from different hosts to specific files?
Thanks, James
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Pifer wrote: | Yeah, that was pretty easy. Any way to get it to save logs from | different hosts to specific files?
You need rsyslog for that. I believe that FC9 has an rpm for it. There are other places to find one as well. KB may have one in his repo.
- -- Milton Calnek BSc, A/Slt(Ret.) milton@calnek.com 306-717-8737
On Tue, 2008-07-29 at 12:52 -0600, Milton Calnek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Pifer wrote: | Yeah, that was pretty easy. Any way to get it to save logs from | different hosts to specific files?
You need rsyslog for that. I believe that FC9 has an rpm for it. There are other places to find one as well. KB may have one in his repo.
Okay, I have rsyslog running and regular syslog stopped. Also chkconfig'ed them.
I added this to /etc/rsyslog.conf: $template DynaFile,"/var/log/system-%HOSTNAME%.log" *.* -?DynaFile
The log that gets created for my router is called: system-Tue,.log
So I've been trying to modify it using a different propnames instead of %HOSTNAME%. So far all I get for a result is: system-**INVALID PROPERTY NAME**.log
In upper and lower case I've tried: source fromhost fromhost-ip
Any suggestions? It's so close now!
Thanks, James
James Pifer wrote:
Any suggestions? It's so close now!
I've never heard of rsyslog myself it sounds new, I've been using syslog-ng for at least 6 years now and it works great.
Here is a sample config I ran at my last company: client: http://portal.aphroland.org/~aphro/syslog-ng/syslog-ng.conf_CLIENT
server: http://portal.aphroland.org/~aphro/syslog-ng/syslog-ng.conf_SERVER
While there is a newer version of syslog-ng available I have stuck to the 1.6.x branch. I think I got the source rpms from a fedora mirror.
nate
rsyslog will create a file /var/log/system-<hostname>.log as soon as messages are received from <hostname>..
I have spend a couple of hours on rsyslog yesterday.. The version in RHEL/CentOS doesn't appear to be very complete (no tls for example?).. since only the mysql-module is included
syslog-ng is very good as well, a little easier to config.
Cheers,
Bart
----- Original Message ----- From: "James Pifer" jep@obrien-pifer.com To: "CentOS mailing list" centos@centos.org Sent: Tuesday, July 29, 2008 10:31:53 PM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna Subject: Re: [CentOS] syslog question
On Tue, 2008-07-29 at 12:52 -0600, Milton Calnek wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
James Pifer wrote: | Yeah, that was pretty easy. Any way to get it to save logs from | different hosts to specific files?
You need rsyslog for that. I believe that FC9 has an rpm for it. There are other places to find one as well. KB may have one in his repo.
Okay, I have rsyslog running and regular syslog stopped. Also chkconfig'ed them.
I added this to /etc/rsyslog.conf: $template DynaFile,"/var/log/system-%HOSTNAME%.log" *.* -?DynaFile
The log that gets created for my router is called: system-Tue,.log
So I've been trying to modify it using a different propnames instead of %HOSTNAME%. So far all I get for a result is: system-**INVALID PROPERTY NAME**.log
In upper and lower case I've tried: source fromhost fromhost-ip
Any suggestions? It's so close now!
Thanks, James
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
On Tue, Jul 29, 2008 at 02:46:39PM -0400, James Pifer wrote:
Yeah, that was pretty easy. Any way to get it to save logs from different hosts to specific files?
I use syslog-ng for that, I think from rpmforge.
http://wiki.xdroop.com/space/Sun/Syslog-ng
On Tuesday 29 July 2008, David Mackintosh wrote:
On Tue, Jul 29, 2008 at 02:46:39PM -0400, James Pifer wrote:
Yeah, that was pretty easy. Any way to get it to save logs from different hosts to specific files?
I use syslog-ng for that, I think from rpmforge.
Worth noting, rsyslog-2.0.0-11.el5 is in base since CentOS-5.2.
/Peter
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Peter Kjellstrom wrote: | | Worth noting, rsyslog-2.0.0-11.el5 is in base since CentOS-5.2. |
ooh... that's definately worth noting.
- -- Milton Calnek BSc, A/Slt(Ret.) milton@calnek.com 306-717-8737
On Tue, Jul 29, 2008 at 02:32:19PM -0400, James Pifer wrote:
Any suggestions or guidance?
By default, your syslog does not accept syslog entries from remote systems.
Edit /etc/sysconfig/syslog, and add a '-r' parameter to the SYSLOGD_OPTIONS option, and restart syslog.
-
Bart Baars -
David Mackintosh -
James Pifer -
Milton Calnek -
nate -
Peter Kjellstrom