[syslog-ng]syslog-ng and Solaris

[Bernd Jucknischke]

On Tue, Oct 10, 2000 at 05:35:44PM -0600, dwarf@solarisresources.com wrote:
> Hi There,

Hi Dwarf ;-)!

>   I've managed to compile up syslog-ng on a Solaris 8 box and have a few questions I hope you can answer:
> 
> 1.  I assume that I can kill the script that starts Solaris Syslogd with no ill effects?

Yes!

> 2.  Can I set a startup script that runs syslog-ng as a daemon process.

Yes, here's what I've put in /etc/init.d/syslog-ng:


----- SNIP -----
#!/sbin/sh
#
# Copyright (c) 1991-1999 by Sun Microsystems, Inc.
# All rights reserved.
#
# adapted to syslog-ng by BJ, Aug, 7th 2000
#
#ident  "@(#)syslog     1.13    99/09/06 SMI"

case "$1" in
'start')
        if [ -f /etc/syslog-ng/syslog-ng.conf -a -f /usr/local/sbin/syslog-ng ]; then
                echo 'syslog-ng service starting.'
                #
                # Before syslog-ng starts, save any messages from previous
                # crash dumps so that messages appear in chronological order.
                #
                /usr/bin/savecore -m
                if [ -r /etc/dumpadm.conf ]; then
                        . /etc/dumpadm.conf
                        [ "x$DUMPADM_DEVICE" != xswap ] && \
                            /usr/bin/savecore -m -f $DUMPADM_DEVICE
                fi
                /usr/local/sbin/syslog-ng -p /etc/syslog-ng/syslog-ng.pid > /dev/msglog 2>&1 &
        fi
        ;;

'stop')
        if [ -f /etc/syslog-ng/syslog-ng.pid ]; then
                syspid=`/usr/bin/cat /etc/syslog-ng/syslog-ng.pid`
                [ "$syspid" -gt 0 ] && kill -15 $syspid && rm /etc/syslog-ng/syslog-ng.pid
        fi
        ;;

*)
        echo "Usage: $0 { start | stop }"
        exit 1
        ;;
esac
----- SNIP -----

> 3.  I've got most of the options setup the way that I want them but can't seem to figure out how to setup one or two machines as syslog servers and a few dozen machines to forward all syslog messages to both of the syslog servers.

And here /etc/syslog-ng/syslog-ng.conf for my syslog server:

----- SNIP -----
source local { sun-streams("/dev/log" door("/etc/.syslog_door")); internal(); };
source net_tcp { tcp(); };
source net_udp { udp(); };

#destination all { file("/var/log/messages"); };
destination all { file("/var/adm/messages_$DAY"); };

destination net_log { file("/var/adm/$FACILITY.$PRIORITY_$DAY"); };

log { source(local); destination(all); };

log { source(net_tcp); source(net_udp); destination(net_log); };
----- SNIP -----

I don't have access to the clients, so I can't help you there, I'm afraid
you'll have to RTFM ;-)

> If you could pass along info on the above, that would be greatly appreciated.
> 
> thanks in advance,
> alan

Hope that helps,

  Bernd