I am configuring syslog on my network so that all the machines copy their logs to a remote server using syslog. It's not working. Here's a copy of the syslog.conf file on the client side (note that the server has an IP address of 192.168.1.200 and hostname "attacker").
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
#*.info;mail.none;news.none;authpriv.none;cron.none /var/log/messages
*.info @attacker
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
#mail.* /var/log/maillog
mail.* @attacker
# Log cron stuff
#cron.* /var/log/cron
cron.* @attacker
# Everybody gets emergency messages
*.emerg @192.168.1.200
# Save news errors of level crit and higher in a special file.
uucp,news.crit /var/log/spooler
# Save boot messages also to boot.log
local7.* /var/log/boot.log
#local0.* @192.168.1.100
#
# INN
#
news.=crit /var/log/news/news.crit
news.=err /var/log/news/news.err
news.notice /var/log/news/news.notice
*. *@attacker
syslog
Re: syslog
How do you know it's not working? Are you sure your syslogd on the remote host isn't dropping messages? On my Debian box, syslogd doesn't listen to the network.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
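Before looking at the receiving host, the client side can be ruled out by checking that every rule in the posted syslog.conf parses and by listing which rules actually forward. The following is an added example, not part of the original thread; it assumes classic sysklogd-style `facility.priority action` syntax, and the function names `check_selector` and `lint` are hypothetical.

```python
# Facility and priority keywords accepted by classic syslog.conf selectors.
FACILITIES = {"auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail", "mark",
              "news", "security", "syslog", "user", "uucp", "*"} | {f"local{i}" for i in range(8)}
PRIORITIES = {"debug", "info", "notice", "warning", "warn", "err", "error",
              "crit", "alert", "emerg", "panic", "none", "*"}

def check_selector(selector):
    """Return a list of problems found in one selector field."""
    problems = []
    for part in selector.split(";"):
        facs, dot, prio = part.partition(".")
        if not dot:
            problems.append(f"'{part}': missing '.' between facility and priority")
            continue
        for fac in facs.split(","):
            if fac not in FACILITIES:
                problems.append(f"'{part}': unknown facility '{fac}'")
        # A priority may carry the '=' or '!' modifiers, e.g. news.=crit
        if prio.lstrip("!=") not in PRIORITIES:
            problems.append(f"'{part}': unknown or empty priority '{prio}'")
    return problems

def lint(conf_text):
    """Return (forwards, errors): remote targets per rule, and malformed lines."""
    forwards, errors = [], []
    for n, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2:
            errors.append((n, "no action field"))
            continue
        selector, action = fields
        problems = check_selector(selector)
        if problems:
            errors.extend((n, p) for p in problems)
        elif action.startswith("@"):
            forwards.append((n, selector, action[1:]))
    return forwards, errors

SAMPLE = """\
*.info @attacker
authpriv.* /var/log/secure
mail.* @attacker
*.emerg @192.168.1.200
*. *@attacker
"""  # excerpt of the client config posted above

if __name__ == "__main__":
    print(lint(SAMPLE))
```

Rules that forward to a hostname rather than an IP address also depend on the client being able to resolve that name. On the receiving side, sysklogd's syslogd only accepts messages from the network when started with `-r`.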