Can anyone provide some sample configurations for Redhat 7.1 systems, both as a central log server and it's clients?
This conf duplicates the default RedHat: # syslog-ng.conf options { long_hostnames(off); sync(0); }; source syslog { internal(); file(/proc/kmsg); unix-stream(/dev/log); udp(ip(0.0.0.0) port(514)); }; destination secure { file(/var/log/secure); }; destination messages { file(/var/log/messages); }; destination cron { file(/var/log/cron); }; destination maillog { file(/var/log/maillog); }; destination boot.log { file(/var/log/boot.log); }; destination console { file(/dev/console); }; filter f_console{ facility(kern) or level(emerg); }; filter f_messages { level(info..warn) and not facility(authpriv, mail, cron); }; filter f_authpriv { facility(authpriv); }; filter f_mail { facility(mail); }; filter f_cron { facility(cron); }; filter f_local7 { facility(local7); }; # kern.* /dev/console # *.emerg * log { source(syslog); filter(f_console); destination(console); }; # *.info;mail.none;authpriv.none;cron.none /var/log/messages log { source(syslog); filter(f_messages); destination(messages); }; # authpriv.* /var/log/secure log { source(syslog); filter(f_authpriv); destination(secure); }; # mail.* /var/log/maillog log { source(syslog); filter(f_mail); destination(maillog); }; # cron.* /var/log/cron log { source(syslog); filter(f_cron); destination(cron); }; # local7.* /var/log/boot.log log { source(syslog); filter(f_local7); destination(boot.log); }; And this is the SysV init script to put it /etc/init.d/: (note it uses the original syslogd.pid so you don't have to reconfigure anythingelse, like logrotate, etc.; you can also put configuration options in /etc/sysconfig/syslog-ng, just like syslog) #!/bin/bash # # syslog-ng Starts syslog-ng/klogd. # # Source function library. . /etc/init.d/functions [ -f /sbin/syslog-ng ] || exit 0 [ -f /sbin/klogd ] || exit 0 # Source config if [ -f /etc/sysconfig/syslog-ng ] ; then . /etc/sysconfig/syslog-ng else SYSLOG_NG_OPTIONS="-p /var/run/syslogd.pid -f /etc/syslog- ng.conf" KLOGD_OPTIONS="-2" fi RETVAL=0 umask 077 start() { echo -n $"Starting system logger: " daemon syslog-ng $SYSLOG_NG_OPTIONS RETVAL=$? echo echo -n $"Starting kernel logger: " daemon klogd $KLOGD_OPTIONS echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng return $RETVAL } stop() { echo -n $"Shutting down kernel logger: " killproc klogd echo echo -n $"Shutting down system logger: " killproc syslog-ng RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/syslog-ng return $RETVAL } rhstatus() { status syslog-ng status klogd } restart() { stop start } case "$1" in start) start ;; stop) stop ;; status) rhstatus ;; restart|reload) restart ;; condrestart) [ -f /var/lock/subsys/syslog-ng ] && restart || : ;; *) echo $"Usage: $0 {start|stop|status|restart|condrestart}" exit 1 esac exit $?