[syslog-ng]Logging Remotely from Solaris to Linux Update

Ron Braley braley@aero.und.edu
Tue, 04 Jun 2002 08:21:37 -0500 

Bradley -

Thanks very much for the information!

rb

Ron Braley
Network Team Leader - CCNP
Systems Team Leader - MCSE, CNE
University of North Dakota (Aerospace College)
braley@aero.und.edu
701-777-2964 (work) / 2940 (fax)

>>> arlt@cpsc.ucalgary.ca 06/04/02 08:18AM >>>
On Tue, Jun 04, 2002 at 09:22:15AM +0200, Balazs Scheidler wrote:
> On Mon, Jun 03, 2002 at 11:36:06AM -0500, Ron Braley wrote:
> > Hi Bazsi
> > 
> > Here's an update and continued question:  Everything seems to be
fine
> > when syslogging remotely from the Solaris box to the Linux box
except
> > that cron priorities of debug - critical don't get sent (just
emerg). 
> > Also, Solaris and Linux boxes alike won't send daemon priorities
debug
> > or information messages to the log host.
> 
> this might be caused by the different facility codes between linux
and
> solaris. Syslog-ng uses the codes of the host operating system it
was
> compiled on. Maybe a feature to map facility codes would be useful.

Usually I just a bunch of #defines in syslog-names.c and slap the
extra
facilities on sl_facilities[].

I only ever bother with this on our loghost, but it is very useful.
Linux, Solaris, Irix, and BSD are all a little bit different, and it
is handy to be able to handle various faculities correctly.

For example I handle the Linux/BSD authpriv, auth, and the BSD only
"security" facilities the same, but my loghost runs Solaris and
doesn't
know about the other two facility by default.

Having this built in so I can define it in a configuration file would
be sweet!  But I am looking more for an index than a map (or maybe that
is
what you meant by map).

What I'd like is something like:
(9<<3)  -> CRON		/* !Sun */
(11<<3) -> FTP		/* Linux */
(12<<3) -> NTP		/* BSD */
(13<<3) -> AUDIT	/* Irix */
(13<<3) -> SECURITY	/* BSD */
(15<<3) -> CRON		/* Sun */
----------------------------------------------------------------------------
   __o		Bradley Arlt				Security Team
Lead
 _ \<_		arlt@cpsc.ucalgary.ca			University Of
Calgary
(_)/(_) 	http://pages.cpsc.ucalgary.ca/~arlt/	Computer
Science


_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu 
https://lists.balabit.hu/mailman/listinfo/syslog-ng