syslog

Taking care of your Linux box.
nedian
Lance Naik
Posts: 16
Joined: Sat Feb 28, 2004 1:31 am
Contact:

syslog

Postby nedian » Tue Mar 16, 2004 4:04 pm

iam configuring syslog onmy network so that all the machines copies their logs to a remote server using syslog.its not working, heres the copy of syslog.conf file on the client side(note that server has an ip address od 192.168.1.200 and hostname "attacker".


# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages
*.info @attacker
# The authpriv file has restricted access.
authpriv.* /var/log/secure

# Log all the mail messages in one place.
#mail.* /var/log/maillog
mail.* @attacker

# Log cron stuff
#cron.* /var/log/cron
cron.* @attacker
# Everybody gets emergency messages
*.emerg @192.168.1.200

# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log
local7.* /var/log/boot.log
#local0.* @192.168.1.100
#
# INN
#
news.=crit /var/log/news/news.crit
news.=err /var/log/news/news.err
news.notice /var/log/news/news.notice
*. *@attacker

lambda
Major General
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Location: Lahore
Contact:

Re: syslog

Postby lambda » Wed Mar 17, 2004 2:12 am

how do you know it's not working? are you sure your syslogd on the remote host isn't dropping messages? on my debian box, syslogd doesn't listen to the network.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?

farhantoqeer
Major General
Posts: 917
Joined: Thu Jun 27, 2002 5:45 pm
Location: Karachi
Contact:

Postby farhantoqeer » Wed Mar 17, 2004 9:37 am

on my debian box, syslogd doesn't listen to the network.


same here!

you can get logs of specific services you are running. by default they all are stored in /var/log
A: Yes
Q: Is top-posting bad?

nedian
Lance Naik
Posts: 16
Joined: Sat Feb 28, 2004 1:31 am
Contact:

Postby nedian » Thu Mar 18, 2004 9:08 pm

the pbm has ben solved ...syslog daemon was running locally but wasnt listening to remote host's messages, i ve modified /etc/sysconfig/syslog file and specified '-r' switch there so that this server should liusten for remote messages, it works.
Anyways, thanx for ur replies


Return to “Administration”

Who is online

Users browsing this forum: No registered users and 2 guests