Hello all, I'm new to syslog-ng. I have the program ready to go, but I was wondering if there's a faq or guide somewhere so I can just replace regular syslog functionality on Fedora Core 3. Once I get that working normally, I want to then log different events to different files. Any pointers would be appreciated. thanks! -Mike
Hi Mike, You may want to look here: http://www.oreilly.com/catalog/bssrvrlnx/chapter/ch10.pdf On Wednesday 16 February 2005 19:11, Mike Pepe wrote:
> Hello all,
> I'm new to syslog-ng. I have the program ready to go, but I was wondering if there's a faq or guide somewhere so I can just replace regular syslog functionality on Fedora Core 3.
> Once I get that working normally, I want to then log different events to different files.
> Any pointers would be appreciated.
> thanks!
> -Mike
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- Best rgrds, .coder My Intellect is The Power! (c) The Prodigy
Hi Mike, You should be using the rpm from here: https://bugzilla.fedora.us/show_bug.cgi?id=1332 which Jose is actively working on. Other rpm packages of syslog-ng have various minor problems. P. On 02/16/05, Mike Pepe wrote:
> Hello all,
> I'm new to syslog-ng. I have the program ready to go, but I was wondering if there's a faq or guide somewhere so I can just replace regular syslog functionality on Fedora Core 3.
> Once I get that working normally, I want to then log different events to different files.
> Any pointers would be appreciated.
-- Philip J. Hollenback Telemetry Investments phollenback@telemetry-investments.com
Thanks for the tips, Where can I find out about this RPM, and where to get the supporting RPMs for it? (libol, etc) thanks again -Mike Philip J. Hollenback wrote:
> Hi Mike,
> You should be using the rpm from here:
> https://bugzilla.fedora.us/show_bug.cgi?id=1332
> which Jose is actively working on. Other rpm packages of syslog-ng have various minor problems.
> P.
Mike,

Although you may download the syslog-ng and libol SRPMs from this page,

    http://gsd.di.uminho.pt/jpo/software/RPMS/#SYSLOGNG

it wouldn't hurt to read the comments in the Fedora US/Extras bugzilla entries:

    Syslog-ng: https://bugzilla.fedora.us/show_bug.cgi?id=1332
    Libol:     https://bugzilla.fedora.us/show_bug.cgi?id=2014

SELinux Warning:

    Don't install the syslog-ng binary RPM if you are using the SELinux enforcing policy (default in FC3).

Regards,
jpo

--
José Pedro Oliveira
Departamento de Informática, Universidade do Minho
Tel: +351 253 604470 * Fax: +351 253 604471
Hi Jose and everyone,

Thanks. I have successfully built syslog-ng from the srpms and it's up and running.

My whole reason for installing syslog-ng is to finally move all the firewall hits from /var/log/messages.

I think these should do it:

    destination d_iptables { file("/var/log/iptables"); };
    filter f_iptables { match("Inbound:"); };
    log { source(s_sys); filter(f_iptables); destination(d_iptables); };

but it doesn't seem to. What am I missing?

Jose Pedro Oliveira wrote:
> Mike,
>
> Although you may download the syslog-ng and libol SRPMs from this page,
>
>     http://gsd.di.uminho.pt/jpo/software/RPMS/#SYSLOGNG
>
> it wouldn't hurt to read the comments in the Fedora US/Extras bugzilla entries:
>
>     Syslog-ng: https://bugzilla.fedora.us/show_bug.cgi?id=1332
>     Libol:     https://bugzilla.fedora.us/show_bug.cgi?id=2014
>
> SELinux Warning:
>
>     Don't install the syslog-ng binary RPM if you are using the SELinux enforcing policy (default in FC3).
>
> Regards, jpo
> --
> José Pedro Oliveira
> Departamento de Informática, Universidade do Minho
> Tel: +351 253 604470 * Fax: +351 253 604471
Whoops, never mind... The original syslog added a colon after "Inbound", syslog-ng does not (not sure why...) but I changed that little bug and excluded Inbound from entering the 'messages' filter, and it's working. Jose I think this might be something worth including in the distribution config file, as a lot of people I know complain about messages filling up with firewall hits. Just a thought... thanks again -Mike
Mike,
> The original syslog added a colon after "Inbound", syslog-ng does not (not sure why...) but I changed that little bug and excluded Inbound from entering the 'messages' filter, and it's working.
> Jose I think this might be something worth including in the distribution config file, as a lot of people I know complain about messages filling up with firewall hits. Just a thought...
The current configuration file aims to be an "exact" match of the syslog configuration shipped by Red Hat. This allows people to replace sysklogd by syslog-ng without losing the familiar environment (same sources, destinations, and logging statements).

Regards,
jpo

--
José Pedro Oliveira
* mailto: jpo@di.uminho.pt * http://gsd.di.uminho.pt/~jpo *
* gpg fingerprint = F9B6 8D87 859D 1C94 48F0 84C0 9749 9EB5 91BD 851B *
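The fix Mike describes above, written out as an added example (not configuration from the thread or from the Fedora package): the match loses its trailing colon, and the rule feeding /var/log/messages excludes the firewall filter. `s_sys` is the source name from Mike's message; `d_messages`, `f_messages`, the Red Hat-style selector and the `facility(kern)` narrowing are assumptions.

```conf
# Added example. s_sys is taken from Mike's message; d_messages and
# f_messages are assumed names for the existing /var/log/messages rule.

destination d_iptables { file("/var/log/iptables"); };
destination d_messages { file("/var/log/messages"); };

# No trailing colon: under syslog-ng the firewall lines read "Inbound ..."
# rather than "Inbound: ...", so match("Inbound:") never fires.
# facility(kern) is an added narrowing (assumption: the hits are iptables
# LOG output, which arrives with the kernel facility), so that other
# messages that merely contain the word "Inbound" stay in /var/log/messages.
filter f_iptables { facility(kern) and match("Inbound"); };

log { source(s_sys); filter(f_iptables); destination(d_iptables); };

# Assumed Red Hat-style selector (*.info;mail.none;authpriv.none;cron.none)
# with the firewall lines excluded by referencing the filter above.
filter f_messages {
    level(info..emerg)
    and not facility(mail, authpriv, cron)
    and not filter(f_iptables);
};

log { source(s_sys); filter(f_messages); destination(d_messages); };
```

Running `syslog-ng --syntax-only` against the edited file catches typos before the daemon is restarted.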
participants (5)
- Jose Pedro Oliveira
- José Pedro Oliveira
- Meder Bakirov
- Mike Pepe
- Philip J. Hollenback