Re: [syslog-ng]Configure syslog-ng to act as a central logging server

31 Mar 2005

      Final question (for now).  

Should i use "unix_stream" or "unix_dgram" w/in the source setting?  I
read in the Linux Server Security book that I should use unix_dgram on
newer kernels.  I'm on kernel 2.6.x

Thanks, Ryan
...
...
...
billn@billn.net 03/31 10:55 am >>> 
On Thu, 31 Mar 2005, Ryan McCain wrote:
...
source s_sys { file ("/proc/kmsg" log_prefix("kernel: ")); 
unix_stream("/dev/log"); internal(); };
destination hosts { 
file("/var/syslog/HOSTS/$HOST/$YEAR/$MONTH/$HOST-$FACILITY-$YEAR$MONTH$DAY"
...
owner(root) group(root) perm(0755) dir_perm(0755) create_dirs(yes)); 
};
log { source(s_sys); destination(hosts); };
Yup. Should work like a champ. It's very similiar to a larger deployment

I'm using. 

- billn 

syslog-ng maillist  -  syslog-ng@lists.balabit.hu 
https://lists.balabit.hu/mailman/listinfo/syslog-ng 
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html