Asif Iqbal wrote:
Asif Iqbal wrote:
Hi All
I am trying to set up a central syslog server. Server A will push all its data to Server B (central syslog server, IP 1.2.3.4)
Server A:
*********
options { dir_perm(0755); perm(0644); chain_hostnames(no); keep_hostname(yes); };
source src { sun-streams("/dev/log"); udp(); internal(); };
destination d_server_B { udp("1.2.3.4" port(514)); };
log { source(src); destination(d_server_B); };

Server B:
**********
options { dir_perm(0755); perm(0644); chain_hostnames(no); keep_hostname(yes); };
source local { sun-streams("/dev/log"); udp(); internal(); };
destination d_mysql {
    pipe("/tmp/mysql.pipe"
        template("INSERT INTO logs (host, facility, priority, level, tag, date, time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL', '$TAG', '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
        template-escape(yes));
};
log { source(local); destination(d_mysql); };
But it does not seem to be fully working. I get lots of logs in Server A from the routers. However, the only logs that Server B (central syslog server) gets from Server A are internal logs, nothing about the routers.
Am I missing something?
Thanks --
Hi All
I am still looking for some help, in case it slipped through your email.
I am trying to collect all the logs from the router that get pushed on local0. I can definitely see them in syslogd but not in syslog-ng. Once I collect those data I should be able to push them to my central server Server B
Thanks for any help/suggestion
It's working. I had to use udp(ip(1.2.3.4) port(514)) instead of just udp() to receive logs coming from routers. Also, my central log server is working exactly how it is explained in the FAQ.
Thanks a lot for such an awesome tool
--
Asif Iqbal
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x8B686E08
There's no place like 127.0.0.1
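
The d_mysql destination in this thread builds an SQL statement out of message fields that the sending devices control, which is why it sets template-escape(yes). The following is an added example, not part of the original thread and not syslog-ng's own code: it models that option as backslash-escaping of ', " and \ (an assumption based on its documented behaviour) and reads the rendered statement back the way MySQL's default quoting rules would. The three-macro template, the helper names and the sample message are constructed for illustration.

```python
import re

# Template of the d_mysql destination, reduced to three of its macros.
TEMPLATE = ("INSERT INTO logs (host, program, msg) "
            "VALUES ( '$HOST', '$PROGRAM', '$MSG' );\n")

def escape(value):
    # Model of template-escape(yes): backslash-escape ', " and \.
    # Assumption based on the option's documented behaviour.
    return re.sub(r"""(['"\\])""", r"\\\1", value)

def render(fields, template_escape):
    def macro(m):
        value = fields[m.group(1)]
        return escape(value) if template_escape else value
    return re.sub(r"\$([A-Z]+)", macro, TEMPLATE)

def parse_values(statement):
    # Read the literals as MySQL does by default (backslash escapes the next
    # character, an unescaped ' ends the literal). None means the quoting broke.
    body = statement[statement.index("VALUES (") + 8:statement.rindex(");")]
    values, i = [], 0
    while i < len(body):
        if body[i] in " ,":
            i += 1
            continue
        if body[i] != "'":
            return None              # message text leaked outside a literal
        i += 1
        buf = []
        while i < len(body) and body[i] != "'":
            if body[i] == "\\" and i + 1 < len(body):
                i += 1               # keep the escaped character itself
            buf.append(body[i])
            i += 1
        if i >= len(body):
            return None              # literal never closed
        values.append("".join(buf))
        i += 1
    return values

# Constructed sample: an ordinary router message that happens to contain quotes.
SAMPLE = {"HOST": "rtr1", "PROGRAM": "link",
          "MSG": "Interface 'Gi0/1' changed state, descr \"uplink\""}

if __name__ == "__main__":
    for flag in (False, True):
        stmt = render(SAMPLE, flag)
        print("template-escape:", flag, "->", parse_values(stmt))
```
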