Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); }; Have you one idea ? Thx Damien Michau Paris
On Tue, 10 May 2005, Damien Michau wrote:
Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf
source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); };
Your source declaration shouldn't be the IP of your pix, it should be the IP on your syslog server you wish your udp socket to listen on. In most cases, this should just be 0.0.0.0 or your servers actual IP. - billn
this is the server actual ip ----- Original Message ----- From: "Bill Nash" <billn@billn.net> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, May 10, 2005 7:20 PM Subject: Re: [syslog-ng]Pix problem
On Tue, 10 May 2005, Damien Michau wrote:
Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf
source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); };
Your source declaration shouldn't be the IP of your pix, it should be the IP on your syslog server you wish your udp socket to listen on. In most cases, this should just be 0.0.0.0 or your servers actual IP.
- billn _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
How do I setup a PIX with syslog-ng? what are the values I can use? Do I need to specify the IP addy of the PIX? What about the protocol I want to capture, what if i want to capture UDP and TCP? How would I set it up if i wanted all the data from my PIX to go the syslog-ng server? Thank you, Andrew Meyer andrewm659@yahoo.com --- Damien Michau <d.michau@ag.com> wrote:
this is the server actual ip ----- Original Message ----- From: "Bill Nash" <billn@billn.net> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, May 10, 2005 7:20 PM Subject: Re: [syslog-ng]Pix problem
On Tue, 10 May 2005, Damien Michau wrote:
Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf
source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); };
Your source declaration shouldn't be the IP of your pix, it should be the IP on your syslog server you wish your udp socket to listen on. In most cases, this should just be 0.0.0.0 or your servers actual IP.
- billn _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
I'm worth a million in prizes With my torture film Drive a GTO Wear a uniform On a government loan. __________________________________________ Yahoo! DSL Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com
You will not want to setup TCP syslog from the PIX. Even though the PIX can connect and log via TCP to syslog, any error will cause the PIX to stop logging to syslog. Here are docs for setting up logging to syslog for pix OS 7.0. I believe the syntaz is the same for 5.x and 6.x but a quick google search should provide you with what you need. -asher On 12/27/05, Andrew Meyer <andrewm659@yahoo.com> wrote:
How do I setup a PIX with syslog-ng? what are the values I can use? Do I need to specify the IP addy of the PIX? What about the protocol I want to capture, what if i want to capture UDP and TCP? How would I set it up if i wanted all the data from my PIX to go the syslog-ng server?
Thank you, Andrew Meyer andrewm659@yahoo.com
--- Damien Michau <d.michau@ag.com> wrote:
this is the server actual ip ----- Original Message ----- From: "Bill Nash" <billn@billn.net> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, May 10, 2005 7:20 PM Subject: Re: [syslog-ng]Pix problem
On Tue, 10 May 2005, Damien Michau wrote:
Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf
source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); };
Your source declaration shouldn't be the IP of your pix, it should be the IP on your syslog server you wish your udp socket to listen on. In most cases, this should just be 0.0.0.0 or your servers actual IP.
- billn _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
I'm worth a million in prizes With my torture film Drive a GTO Wear a uniform On a government loan.
__________________________________________ Yahoo! DSL – Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
OK.....is there a way to log/define all 8 logging facilities in syslog-ng this is all new to me, and i'm following a debian tutorial. So any other info you can give me would be awsome. Thank you, Andrew --- Asher Yanich <ayanic01@cs.fiu.edu> wrote:
You will not want to setup TCP syslog from the PIX. Even though the PIX can connect and log via TCP to syslog, any error will cause the PIX to stop logging to syslog.
Here are docs for setting up logging to syslog for pix OS 7.0. I believe the syntaz is the same for 5.x and 6.x but a quick google search should provide you with what you need.
-asher
On 12/27/05, Andrew Meyer <andrewm659@yahoo.com> wrote:
How do I setup a PIX with syslog-ng? what are the values I can use? Do I need to specify the IP addy of the PIX? What about the protocol I want to capture, what if i want to capture UDP and TCP? How would I set it up if i wanted all the data from my PIX to go the syslog-ng server?
Thank you, Andrew Meyer andrewm659@yahoo.com
--- Damien Michau <d.michau@ag.com> wrote:
this is the server actual ip ----- Original Message ----- From: "Bill Nash" <billn@billn.net> To: <syslog-ng@lists.balabit.hu> Sent: Tuesday, May 10, 2005 7:20 PM Subject: Re: [syslog-ng]Pix problem
On Tue, 10 May 2005, Damien Michau wrote:
Hi All ! I have some probleme ta log my pix's log into my syslog-ng server . i have mounted a Syslog-ng server to store my pix's log . But there is nothing in my pix.log i'have put this lines in my syslog-ng.conf
source pix { udp(ip(10.60.10.111) port());}; destination pix { file("/var/log/pix.log"); }; log { source(pix);destination(pix); };
Your source declaration shouldn't be the IP of your pix, it should be the IP on your syslog server you wish your udp socket to listen on. In most cases, this should just be 0.0.0.0 or your servers actual IP.
- billn
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
I'm worth a million in prizes With my torture film Drive a GTO Wear a uniform On a government loan.
__________________________________________ Yahoo! DSL � Something to write home about. Just $16.99/mo. or less. dsl.yahoo.com
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
I'm worth a million in prizes With my torture film Drive a GTO Wear a uniform On a government loan. __________________________________ Yahoo! for Good - Make a difference this year. http://brand.yahoo.com/cybergivingweek2005/
participants (4)
-
Andrew Meyer
-
Asher Yanich
-
Bill Nash
-
Damien Michau