[syslog-ng]Does syslog-ng support remote logging?

Hamilton, Andrew Mr RAYTHEON 5 SIG CMD HamiltonA@hq.5sigcmd.army.mil
Thu, 27 Sep 2001 08:14:12 +0200 

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C1471B.A0544190
Content-Type: text/plain;
	charset="iso-8859-1"

You should have a source set up that receives UDP packets.  Just include it
in your source statement.
 
Regards,
Drew
-----Original Message-----
From: A. Dumas [mailto:a.dumas@snet.net]
Sent: Thursday, September 27, 2001 4:15 AM
To: syslog-ng@lists.balabit.hu
Subject: [syslog-ng]Does syslog-ng support remote logging?


I've had syslog-ng on a Linux 7.1 box for a couple months and it's been
running great.  
 
I'm attempting to setup remote logging on the various Cisco routers on my
network and have them point to syslog-ng.  I think the Cisco configurations
are set up correctly since I have a sniffer on the network and I can see the
packets going to the Linux box, but nothing shows up in syslog-ng that I can
see.
 
What should I be using in the syslog-ng configuration to isolate the
relevant data?  I've unsuccessfully tried several.
 
 

------_=_NextPart_001_01C1471B.A0544190
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns=3D"http://www.w3.org/TR/REC-html40" xmlns:o =3D=20
"urn:schemas-microsoft-com:office:office" xmlns:w =3D=20
"urn:schemas-microsoft-com:office:word"><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">


<META content=3DWord.Document name=3DProgId>
<META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR>
<META content=3D"Microsoft Word 9" name=3DOriginator><LINK=20
href=3D"cid:filelist.xml@01C146D8.ACF45AE0" rel=3DFile-List><!--[if gte =
mso 9]><xml>
 <o:OfficeDocumentSettings>
  <o:DoNotRelyOnCSS/>
 </o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
 <w:WordDocument>
  <w:View>Normal</w:View>
  <w:Zoom>0</w:Zoom>
  <w:DocumentKind>DocumentEmail</w:DocumentKind>
  <w:EnvelopeVis/>
 </w:WordDocument>
</xml><![endif]-->
<STYLE>@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in =
1.25in; mso-header-margin: .5in; mso-footer-margin: .5in; =
mso-paper-source: 0; }
P.MsoNormal {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
}
LI.MsoNormal {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
}
DIV.MsoNormal {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-style-parent: ""; mso-pagination: widow-orphan; =
mso-fareast-font-family: "Times New Roman"
}
P.MsoAutoSig {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-pagination: widow-orphan; mso-fareast-font-family: "Times New =
Roman"
}
LI.MsoAutoSig {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-pagination: widow-orphan; mso-fareast-font-family: "Times New =
Roman"
}
DIV.MsoAutoSig {
	FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"; =
mso-pagination: widow-orphan; mso-fareast-font-family: "Times New =
Roman"
}
SPAN.EmailStyle15 {
	COLOR: black; mso-style-type: personal-compose; mso-ansi-font-size: =
10.0pt; mso-ascii-font-family: Arial; mso-hansi-font-family: Arial; =
mso-bidi-font-family: Arial
}
DIV.Section1 {
	page: Section1
}
</STYLE>
</HEAD>
<BODY lang=3DEN-US style=3D"tab-interval: .5in">
<DIV><SPAN class=3D007351006-27092001><FONT face=3DArial =
color=3D#0000ff size=3D2>You=20
should have a source set up that receives UDP packets.&nbsp; Just =
include it in=20
your source statement.</FONT></SPAN></DIV>
<DIV><SPAN class=3D007351006-27092001><FONT face=3DArial =
color=3D#0000ff=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D007351006-27092001><FONT face=3DArial =
color=3D#0000ff=20
size=3D2>Regards,</FONT></SPAN></DIV>
<DIV><SPAN class=3D007351006-27092001><FONT face=3DArial =
color=3D#0000ff=20
size=3D2>Drew</FONT></SPAN></DIV>
<BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
  <DIV class=3DOutlookMessageHeader dir=3Dltr align=3Dleft><FONT =
face=3DTahoma=20
  size=3D2>-----Original Message-----<BR><B>From:</B> A. Dumas=20
  [mailto:a.dumas@snet.net]<BR><B>Sent:</B> Thursday, September 27, =
2001 4:15=20
  AM<BR><B>To:</B> syslog-ng@lists.balabit.hu<BR><B>Subject:</B> =
[syslog-ng]Does=20
  syslog-ng support remote logging?<BR><BR></FONT></DIV>
  <DIV class=3DSection1>
  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt">I&#8217;ve=20
  had syslog-ng on a Linux 7.1 box for a couple months and it&#8217;s =
been running=20
  great.<SPAN style=3D"mso-spacerun: yes">&nbsp;=20
  </SPAN><o:p></o:p></SPAN></FONT></SPAN></P>
  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt"><![if !supportEmptyParas]><![endif]>&nbsp;<o:p></o:p></SPAN></FO=
NT></SPAN></P>
  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt">I&#8217;m=20
  attempting to setup remote logging on the various Cisco routers on my =
network=20
  and have them point to syslog-ng.<SPAN style=3D"mso-spacerun: =
yes">&nbsp;=20
  </SPAN>I think the Cisco configurations are set up correctly since I =
have a=20
  sniffer on the network and I can see the packets going to the Linux =
box, but=20
  nothing shows up in syslog-ng that I can=20
  see.<o:p></o:p></SPAN></FONT></SPAN></P>
  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt"><![if =
!supportEmptyParas]><![endif]>&nbsp;<o:p></o:p></SPAN></FONT></SPAN></P>=

  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt">What=20
  should I be using in the syslog-ng configuration to isolate the =
relevant=20
  data?<SPAN style=3D"mso-spacerun: yes">&nbsp; </SPAN>I&#8217;ve =
unsuccessfully tried=20
  several.<o:p></o:p></SPAN></FONT></SPAN></P>
  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt"><![if =
!supportEmptyParas]><![endif]>&nbsp;<o:p></o:p></SPAN></FONT></SPAN></P>=

  <P class=3DMsoNormal><SPAN class=3DEmailStyle15><FONT face=3DArial =
color=3Dblack=20
  size=3D2><SPAN=20
  style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial; mso-bidi-font-size: =
12.0pt"><![if =
!supportEmptyParas]><![endif]>&nbsp;<o:p></o:p></SPAN></FONT></SPAN></P>=
</DIV></BLOCKQUOTE></BODY></HTML>

------_=_NextPart_001_01C1471B.A0544190--