hi all how does one allow remote syslog (not syslog-ng) servers currently logging to the syslog on the central log server (running vanilla syslog) access to dump syslog entires into syslog-ng when started ? if i tail /var/log/messages when syslog-ng is running and syslog is stopped, i can see local messages but nothing from remote hosts which are setup to log to the host. see below re my syslog-ng conf file. options { long_hostnames(off); sync(0); stats(43200); dns_cache(yes); use_fqdn(no); keep_hostname(yes); use_dns(yes); }; source shell { internal(); unix-stream("/dev/log"); tcp(ip(192.49.109.241) port(514) max-connections(300)); }; destination localhost { file("/var/log/messages"); }; log { source(shell); destination(localhost); };
On Wed, 2005-04-13 at 02:56, ip.guy wrote:
hi all
how does one allow remote syslog (not syslog-ng) servers currently logging to the syslog on the central log server (running vanilla syslog) access to dump syslog entires into syslog-ng when started ?
if i tail /var/log/messages when syslog-ng is running and syslog is stopped, i can see local messages but nothing from remote hosts which are setup to log to the host.
see below re my syslog-ng conf file.
options { long_hostnames(off); sync(0); stats(43200); dns_cache(yes); use_fqdn(no); keep_hostname(yes); use_dns(yes); };
source shell { internal(); unix-stream("/dev/log"); tcp(ip(192.49.109.241) port(514) max-connections(300)); ^^^
use udp(ip(192.149.109.241)); Plain syslog is using udp for transport, not tcp. The port defaults to 514. Check with netstat that syslog-ng is listening on udp/514 after reconfig. -- Jens Grigel Citysavingsbank Munich, Germany Dep. of Network and Security
participants (2)
-
ip.guy
-
Jens Grigel