[syslog-ng]central syslog server
Asif Iqbal
syslog-ng@lists.balabit.hu
Tue, 30 Dec 2003 22:59:24 -0500
Asif Iqbal wrote:
> Hi All
>
> I am trying to setup a central syslog server. Server A will push all its data to
> Server B (central syslog server, ip 1.2.3.4)
>
> Server A:
> *********
> options { dir_perm(0755); perm(0644); chain_hostnames(no);
> keep_hostname(yes); };
>
> source src {
> sun-streams("/dev/log");
> udp();
> internal();
> };
>
> destination d_server_B {
> udp("1.2.3.4" port(514));
> };
>
> log { source(src); destination(d_server_B); };
>
>
> Server B:
> **********
> options { dir_perm(0755); perm(0644); chain_hostnames(no);
> keep_hostname(yes); };
>
> source local {
> sun-streams("/dev/log");
> udp();
> internal();
> };
>
> destination d_mysql {
> pipe("/tmp/mysql.pipe"
> template("INSERT INTO logs (host, facility, priority, level, tag, date,
> time, program, msg) VALUES ( '$HOST', '$FACILITY', '$PRIORITY', '$LEVEL',
> '$TAG',
> '$YEAR-$MONTH-$DAY', '$HOUR:$MIN:$SEC', '$PROGRAM', '$MSG' );\n")
> template-escape(yes));
> };
>
> log { source(local); destination(d_mysql); };
>
> But It does not seem to fully working. I get lots of logs in Server A from the
> routers. However only logs that Server B (central syslog server) gets from
> Server A are internal logs, nothing about the routers
>
> Am I missing something ?
>
> Thanks
> --
Hi All
I am still looking for somehelp incase in got slipped through your email
I am trying to collect all the logs from the router that get pushed on
local0. I can definitely see them in syslogd but not in syslog-ng. Once
I collect those data I should be able to push them to my central server
Server B
Thanks for any help/suggestion
--
Asif Iqbal
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x8B686E08
There's no place like 127.0.0.1