[syslog-ng]Cisco Logging
Shaw, Richard W
Richard.W.Shaw@team.telstra.com
Fri, 6 Apr 2001 17:49:42 +1000
Hi Guys
I've just found syslog-ng and am testing/comparing it to our current syslogd
so I can match the logging then push everything to a syslog server.
My problem is that I'm getting no logs for Cisco devices, I don't even get
anything in the sys.log file(see below):
syslogd.conf file :
local7.debug /var/log/cisco.log
syslog-ng.conf file:
source src {
udp();
tcp();
sun-streams("/dev/log" door("/etc/.syslog_door"));
internal();
};
destination d_mail { file("/tmp/ng/$HOST/$YEAR/$MONTH/$DAY/mail.log"
create_dirs(yes)
); };
destination d_cisco { file("/tmp/ng/$HOST/$YEAR/$MONTH/$DAY/cisco.log"
create_dirs(ye
s)); };
destination d_sshd { file( "/tmp/ng/$HOST/$YEAR/$MONTH/$DAY/sshd.log"
create_dirs(yes
)); };
destination d_tac { file( "/tmp/ng/$HOST/$YEAR/$MONTH/$DAY/tacplus.log"
create_dirs(y
es)); };
destination d_sys { file( "/tmp/ng/$HOST/$YEAR/$MONTH/$DAY/sys.log"
create_dirs(yes))
; };
filter f_mail { facility(mail); };
filter f_cisco { facility(local7) and priority(debug); };
filter f_sshd { match("sshd"); };
filter f_tac { facility(local6); };
log { source(src); filter(f_mail); destination(d_mail); };
log { source(src); filter(f_cisco); destination(d_cisco); };
log { source(src); filter(f_sshd); destination(d_sshd); };
log { source(src); filter(f_tac); destination(d_tac); };
log { source(src); destination(d_sys); };
Thanks in advance for any help
Regards
Richard Shaw