Re: [syslog-ng]Please help with simple syslog-ng.conf creation qu estions....

3 Feb 2003

      Andrew

Thanks again for all your help.  I combined all your tips
to make a simple "just put everything in /var/log/messages for now"
version of /etc/syslog-ng/syslog-ng.conf....

----
source      src  {unix-stream("/dev/log"); pipe("/proc/kmsg"); internel();};
destination dest {file("/var/log/messages");};
log              {source(src); destination(dest);};
----

Can I ask you a few more questions about this?

I called my identifiers "src" and "dest".  I assume it does not
matter what I call these as long as I use those same identifiers
in log line???

Since Red Hat is not set up to use syslog-ng by default, I assume I must
remove syslogd and klogd from startup "things to do list" and start
/usr/local/sbin/syslog-ng from /etc/rc.d/rc.local myself???

If I want syslog-ng to accept remote messages from remote syslog-ng daemons,
must I add something else to syslog-ng.conf above such as item
regarding port #514 UDP??? (syslog is tied to this port).  I need to ask 
this because the word "remote" is NOT even mentioned in the syslog-ng
docs???!?!?

Thanks again,

Chris

On Mon, Feb 03, 2003 at 08:28:32AM -0500, Hamilton, Andrew wrote:
...
It depends on what you want to do.  I think it is a good idea to run kernel
messages through syslog-ng.  I have less overhead and less to worry about.
The source you have is correct.
Regards,
Drew
-----Original Message-----
From: seberino@spawar.navy.mil [mailto:seberino@spawar.navy.mil]
Sent: Friday, January 31, 2003 6:59 PM
To: Hamilton, Andrew
Cc: syslog-ng@lists.balabit.hu
Subject: Re: [syslog-ng]Please help with simple syslog-ng.conf creation
qu estions....
Andrew
Thanks!  There is lots to learn since config file much
more complicated now.
Do you run syslog-ng daemon AND klogd too???
FAQ says to have syslog-ng handle kernel messages I must
kill klogd and add this to syslog-ng.conf....
source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internel(); };
I assume this is a good idea.  Perhaps that is what you do???
Thanks again,
Chris
On Thu, Jan 30, 2003 at 02:14:27PM -0500, Hamilton, Andrew wrote:
...
Nope.  But you can do this:
source s_all{ unix-stream("/dev/log"); internal(); };
destination d_messages { file("/var/log/messages"); };
log { source(s_all); destination(d_messages); };
That should do it.  If you are using Solaris you should use
source local { sun-streams("/dev/log" door("/etc/.syslog_door"));
internal(); };
Look in the syslog-ng/doc directory for sample configs.
Regards,
Drew
-----Original Message-----
From: seberino@spawar.navy.mil [mailto:seberino@spawar.navy.mil]
Sent: Thursday, January 30, 2003 2:01 PM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]Please help with simple syslog-ng.conf creation
questions....
configure;make;make install  of syslog-ng source did not create
/etc/syslog-ng directory with
/etc/syslog-ng.conf ready to go.
I assume I must create this directory and file
myself???
syslog-ng has *tons* of features.  Please tell
me how I can just throw everything into /var/log/messages.
I don't require fancy stuff just yet.
In old syslog.conf this would be:
*.info	   /var/log/messages
Will syslog-ng recognize a one line syslog-ng.conf
containing this old style config???
thanks,
Chris
-- 
_______________________________________
Dr. Christian Seberino
SPAWAR Systems Center San Diego
Code 2363
49590 Lassing Road, Room A339
San Diego, CA 92152-6147
U.S.A.
Phone: (619) 553-7940
Fax:   (619) 553-1269
Email: seberino@spawar.navy.mil
_______________________________________
_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- 
_______________________________________
Dr. Christian Seberino
SPAWAR Systems Center San Diego
Code 2872
San Diego, CA 92152-6147
U.S.A.
Phone: (619) 553-9973
Fax:
Email: seberino@spawar.navy.mil
_______________________________________
-- 
_______________________________________

Dr. Christian Seberino
SPAWAR Systems Center San Diego
Code 2872
San Diego, CA 92152-6147
U.S.A.

Phone: (619) 553-9973
Fax:
Email: seberino@spawar.navy.mil
_______________________________________

seberino＠spawar.navy.mil

tags

participants (1)