[syslog-ng]central syslog server

Asif Iqbal syslog-ng@lists.balabit.hu
Tue, 23 Dec 2003 10:57:05 -0500 (EST)


Hi All

I am trying to setup a central syslog server. Server A will push all its data to
Server B (central syslog server, ip 1.2.3.4)

Server A:
*********
options { dir_perm(0755); perm(0644); chain_hostnames(no);
          keep_hostname(yes); };

source src {
        sun-streams("/dev/log");
        udp();
        internal();
};

destination d_server_B {
        udp("1.2.3.4" port(514));
};

log { source(src); destination(d_server_B); };


Server B:
**********
options { dir_perm(0755); perm(0644); chain_hostnames(no);
          keep_hostname(yes); };

source local {
        sun-streams("/dev/log");
        udp();
        internal();
};

destination d_mysql {
pipe("/tmp/mysql.pipe"
template("INSERT INTO logs (host, facility, priority, level, tag, date,
time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL',
'$TAG',
'$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
template-escape(yes));
};

log { source(local); destination(d_mysql); };

But It does not seem to fully working. I get lots of logs in Server A from the
routers. However only logs that Server B (central syslog server) gets from
Server A are internal logs, nothing about the routers

Am I missing something ?

Thanks
-- 
Asif Iqbal
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x8B686E08
There's no place like 127.0.0.1