[CentOS] syslog to remote server

Jorge Fábregas jorge.fabregas at gmail.com
Fri Aug 7 03:48:02 UTC 2009


On Thursday 06 August 2009 10:58:05 pm hce wrote:
> The messages from local0 worked fine, all sent to the remote log
> server. But all messages from local1 were still displayed in
> /var/log/messages despite it has been set to local1.none.

How do you determine which messages come from which facility by looking at the 
log? As far I as I know , in the actual log message, there's no indication of 
the facility generating it...there may be the ip from where it's coming..the 
daemon generating it but the actual facility I don't remember.

If I were you I would go to the destination syslog server first and perform 
this test: 

logger -p local1.info "testing proper routing on destination server"

and then check where the message goes (check your syslog.conf there on the 
destination server).  Once you know local1 is properly routed (on the 
destination server), then you should go to the original (source) server where 
I recommend you comment out the whole line pointing to /var/log/messages and 
concentrate on the local1 line first.

Don't forget to reload the configuration (service syslog reload) and then try 
this:

logger -p local1.info "message comign from source server"

and then check the proper log on the destination server...

There are some startup switches for syslog (to allow it to receive remote 
messages) but I rule out that because you mentioned it is already working for 
the local0 facility...  

HTH,
Jorge



More information about the CentOS mailing list