[syslog-ng]Trying to send log over network
Simeon Johnston
simeonuj@eetc.com
Wed, 28 Feb 2001 08:33:42 -0600
Balazs Scheidler wrote:
> destination tcp drivers should look like this:
>
> destination d_bg { tcp("192.168.1.19" port(514)); };
>
> --
> Bazsi
Thanks, this seems to work. I still am not getting any logging over the
network. This is the new complete logserver config and the syslog-ng config used
for sending messages. No errors but still is not logging anything.
Is there a problem with the options? I am not a network guru and don't know what
most of these mean. Is there any other problems that could cause this problem?
Anything at all would be of great help.
sim
This is the Logserver config
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (on);
use_dns (no);
use_fqdn (no);
create_dirs (yes);
keep_hostname (yes);
};
source s_sys { unix-stream ("/dev/log"); internal(); };
source s_tcp { tcp (ip(192.168.1.1) port(514)); };
destination d_cons { file("/var/log/ng/kernel"); };
destination d_mesg { file("/var/log/ng/messages"); };
destination d_auth { file("/var/log/ng/secure"); };
destination d_mail { file("/var/log/ng/maillog"); };
destination d_spol { file("/var/log/ng/spooler"); };
destination d_boot { file("/var/log/ng/boot.log"); };
destination d_mlal { file("/var/log/emerg.log"); };
destination d_pptp { file("/var/log/pptpd.log"); };
destination d_daemon { file("/var/log/ng/daemon.log"); };
destination d_firewall { file("/var/log/ng/firewall.log"); };
destination d_sshd { file("/var/log/sshd.log"); };
destination d_cron { file("/var/log/cron.log"); };
filter f_filter1 { facility(kern); };
filter f_filter2 { level(info) and not facility(mail,authpriv,kern); };
filter f_filter3 { facility(authpriv); };
filter f_filter4 { facility(mail); };
filter f_filter5 { level(emerg); };
filter f_filter6 { facility(uucp); };
filter f_pptpd { program(pptpd); };
filter f_daemon { facility(daemon); };
filter f_boot { facility(local7); };
filter f_firewall { host("SparcFirewall") or level(info) or
host("192.168.1.1") or match("sshd"); };
filter f_sshd { program(sshd); };
filter f_cron { program(cron); };
log { source(s_sys); filter(f_filter1); destination(d_cons); };
log { source(s_sys); filter(f_filter2); destination(d_mesg); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };
log { source(s_sys); filter(f_filter4); destination(d_mail); };
log { source(s_sys); filter(f_filter5); destination(d_mlal); };
log { source(s_sys); filter(f_filter6); destination(d_spol); };
log { source(s_sys); filter(f_pptpd); destination(d_pptp); };
log { source(s_sys); filter(f_daemon); destination(d_daemon); };
log { source(s_sys); filter(f_boot); destination(d_boot); };
log { source(s_tcp); filter(f_firewall); destination(d_firewall); };
log { source(s_sys); filter(f_sshd); destination(d_sshd); };
log { source(s_sys); filter(f_cron); destination(d_cron); };
This is the other config.
options { sync (0);
time_reopen (10);
log_fifo_size (1000);
long_hostnames (on);
use_dns (no);
use_fqdn (no);
create_dirs (yes);
keep_hostname (yes);
};
source s_sys { unix-stream ("/dev/log"); internal(); };
destination d_cons { file("/var/log/ng/kern.log"); };
destination d_mesg { file("/var/log/ng/messages"); };
destination d_auth { file("/var/log/ng/secure"); };
destination d_mail { file("/var/log/ng/maillog"); };
destination d_spol { file("/var/log/ng/spooler"); };
destination d_boot { file("/var/log/ng/boot.log"); };
destination d_mlal { file("/var/log/ng/emerg.log"); };
destination d_dhcp { file("/var/log/ng/dhcpd.log"); };
destination d_ipchains { file("/var/log/ng/ipchains.log"); };
destination d_bg { tcp("192.168.1.19" port(514)); };
destination d_sshd { file("/var/log/ng/sshd.log"); };
filter f_filter1 { facility(kern); };
filter f_filter2 { level(info); };
filter f_filter3 { facility(authpriv); };
filter f_filter4 { facility(mail); };
filter f_filter5 { level(emerg); };
filter f_filter6 { facility(uucp) or
(facility(news) and level(crit)); };
filter f_dhcp { match("dhcpd"); };
filter f_ipchains { match("ipchains"); };
filter f_sshd { match("sshd"); };
log { source(s_sys); filter(f_filter1); destination(d_cons); };
log { source(s_sys); filter(f_filter2); destination(d_mesg); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };
log { source(s_sys); filter(f_filter4); destination(d_mail); };
log { source(s_sys); filter(f_filter5); destination(d_mlal); };
log { source(s_sys); filter(f_filter6); destination(d_spol); };
log { source(s_sys); filter(f_dhcp); destination(d_dhcp); };
log { source(s_sys); filter(f_ipchains); destination(d_ipchains); };
log { source(s_sys); filter(f_filter2); destination(d_bg); };
log { source(s_sys); filter(f_sshd); destination(d_sshd); };