syslog

Taking care of your Linux box.

syslog

Postby nedian » Tue Mar 16, 2004 4:04 pm

iam configuring syslog onmy network so that all the machines copies their logs to a remote server using syslog.its not working, heres the copy of syslog.conf file on the client side(note that server has an ip address od 192.168.1.200 and hostname "attacker".


# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages
*.info @attacker
# The authpriv file has restricted access.
authpriv.* /var/log/secure

# Log all the mail messages in one place.
#mail.* /var/log/maillog
mail.* @attacker

# Log cron stuff
#cron.* /var/log/cron
cron.* @attacker
# Everybody gets emergency messages
*.emerg @192.168.1.200

# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler

# Save boot messages also to boot.log
local7.* /var/log/boot.log
#local0.* @192.168.1.100
#
# INN
#
news.=crit /var/log/news/news.crit
news.=err /var/log/news/news.err
news.notice /var/log/news/news.notice
*. *@attacker
nedian
Lance Naik
 
Posts: 16
Joined: Sat Feb 28, 2004 1:31 am
Yahoo Messenger: nedian81@yahoo.com

Re: syslog

Postby lambda » Wed Mar 17, 2004 2:12 am

how do you know it's not working? are you sure your syslogd on the remote host isn't dropping messages? on my debian box, syslogd doesn't listen to the network.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby farhantoqeer » Wed Mar 17, 2004 9:37 am

on my debian box, syslogd doesn't listen to the network.


same here!

you can get logs of specific services you are running. by default they all are stored in /var/log
A: Yes
Q: Is top-posting bad?
farhantoqeer
Major General
 
Posts: 917
Joined: Thu Jun 27, 2002 5:45 pm
Website: http://www.emergen.biz
Location: Karachi

Postby nedian » Thu Mar 18, 2004 9:08 pm

the pbm has ben solved ...syslog daemon was running locally but wasnt listening to remote host's messages, i ve modified /etc/sysconfig/syslog file and specified '-r' switch there so that this server should liusten for remote messages, it works.
Anyways, thanx for ur replies
nedian
Lance Naik
 
Posts: 16
Joined: Sat Feb 28, 2004 1:31 am
Yahoo Messenger: nedian81@yahoo.com


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 2 guests

cron