syslog-ng 3.1.3-2 - working examples of remote logging
OK, so syslog has come a long way and many configuration changes in the years :) Can someone provide working examples of (3.1.X) client/server syslog-ng.conf set up for remote logging purposes such as /var/log/messages, /var/log/kern.log, /var/log/auth.log...etc? Would want on local machine as well as remote syslog server. Will also want to remotely log apache access/error log via syslog-ng as well. Any help/tips/pointers is greatly appreciated! Cheers!
Hi, The basic examples in the adminguide should work for a starter, see http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-v3.1-guid... and the subsequent sections, you'll just have to add the files to the client source. I'm sure that others will be able to help you out with apache logs. Regards, Robert Steven Shepherd wrote:
OK, so syslog has come a long way and many configuration changes in the years :)
Can someone provide working examples of (3.1.X) client/server syslog-ng.conf set up for remote logging purposes such as /var/log/messages, /var/log/kern.log, /var/log/auth.log...etc? Would want on local machine as well as remote syslog server. Will also want to remotely log apache access/error log via syslog-ng as well. Any help/tips/pointers is greatly appreciated!
Cheers!
------------------------------------------------------------------------
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
On Jan 20, 2011, at 12:17 PM, Steven Shepherd wrote: OK, so syslog has come a long way and many configuration changes in the years :) Can someone provide working examples of (3.1.X) client/server syslog-ng.conf set up for remote logging purposes such as /var/log/messages, /var/log/kern.log, /var/log/auth.log...etc? Would want on local machine as well as remote syslog server. Will also want to remotely log apache access/error log via syslog-ng as well. Any help/tips/pointers is greatly appreciated! For Apache access logs I'd recommend piping to the logger command. I actually do that for error logs as well so they can be separated out. Use logger's "-t <name>" option to specify access vs. error and it is easy to catch them in syslog-ng. Note that if you customize your access log to the point that the messages could be large (as in recording the User agent) you may want to modify logger's source to have it submit the larger messages. Cheers, Bill -- Bill Anderson, RHCE Linux Systems Engineer bill.anderson@bodybuilding.com<mailto:bill.anderson@bodybuilding.com>
participants (3)
-
Bill Anderson
-
Fekete Robert
-
Steven Shepherd