<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7653.38">
<TITLE>newbie</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Ok, I guess I’m just so used to the Windows environment that I’m having a hard time adjusting to command line interfaces. Here’s the deal: I need to get syslog-ng running on my server. I think I have it installed: I downloaded the file from sunfreeware.com and put it in the /var/spool/pkg directory (file = syslogng-2.0.9-sol10-sparc-local.gz). I then used the pkgadd -d command to install it, which seemed to be fine. But where do I go from here? Has it started or do I need to manually start it?
I’m also looking for a syslog-ng.conf file in order to modify it – I’m using this to push log data to another server, and according to the central logging program we are using, I need to modify this file like this:</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN><SPAN LANG="en-us">options {<BR>
use_fqdn(yes);<BR>
log_fifo_size(8192);<BR>
};</SPAN></P>
<P DIR=LTR><SPAN LANG="en-us">source local {<BR>
file("/var/log/messages");<BR>
udp(ip(127.0.0.1) port(514));<BR>
internal();<BR>
};</SPAN></P>
<P DIR=LTR><SPAN LANG="en-us">filter notdebug {<BR>
level(info..emerg);<BR>
};</SPAN></P>
<P DIR=LTR><SPAN LANG="en-us">destination loghost {<BR>
tcp("name.of.yoursplunkserver" port (9514));<BR>
};</SPAN></P>
<P DIR=LTR><SPAN LANG="en-us">log {<BR>
source(local);<BR>
filter(notdebug);<BR>
destination(loghost);<BR>
};</SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN><SPAN LANG="en-us"><FONT FACE="Calibri"></FONT></SPAN><SPAN LANG="en-us"> </SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT FACE="Calibri">Any advice or guidance is greatly appreciated. I know the more I use these Unix boxes, the more I’ll learn…</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"></SPAN></P>
<P DIR=LTR><B><I><SPAN LANG="en-us"><FONT FACE="Arial">Jamen McGranahan</FONT></SPAN></I></B></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">Systems Services Librarian</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">Vanderbilt University</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">419 21st Avenue South</FONT></SPAN></P>
<P DIR=LTR><SPAN LANG="en-us"><FONT SIZE=2 FACE="Arial">Nashville, TN 37240</FONT></SPAN></P>
</BODY>
</HTML>