[syslog-ng]Please help with simple syslog-ng.conf creation questions....

seberino@spawar.navy.mil seberino@spawar.navy.mil
Wed, 5 Feb 2003 11:23:20 -0800 

Is there any danger in just starting /usr/local/sbin/syslog-ng
from rc.local???  It will get started *later* than if I messed
with startup scripts but then again... logging ain't really
vital for kernel to run right???

Are there any vital switches or should I just do plain ol'

/usr/local/sbin/syslog-ng &

??

Thanks,

Chris


On Tue, Feb 04, 2003 at 03:55:37PM -0500, Hamilton, Andrew wrote:
>  Forgot to mention that you need to change your startup scripts in RedHat to
> work with 
> syslog-ng.  It is fairly simple.  Look in /etc/rc.d/init.d.
> 
> Regards,
> 
> Drew
> 
> -----Original Message-----
> From: seberino@spawar.navy.mil
> To: Hamilton, Andrew
> Cc: syslog-ng@lists.balabit.hu
> Sent: 2/3/2003 3:23 PM
> Subject: Re: [syslog-ng]Please help with simple syslog-ng.conf creation qu
> estions....
> 
> Andrew
> 
> Thanks again for all your help.  I combined all your tips
> to make a simple "just put everything in /var/log/messages for now"
> version of /etc/syslog-ng/syslog-ng.conf....
> 
> ----
> source      src  {unix-stream("/dev/log"); pipe("/proc/kmsg");
> internel();};
> destination dest {file("/var/log/messages");};
> log              {source(src); destination(dest);};
> ----
> 
> Can I ask you a few more questions about this?
> 
> I called my identifiers "src" and "dest".  I assume it does not
> matter what I call these as long as I use those same identifiers
> in log line???
> 
> Since Red Hat is not set up to use syslog-ng by default, I assume I must
> remove syslogd and klogd from startup "things to do list" and start
> /usr/local/sbin/syslog-ng from /etc/rc.d/rc.local myself???
> 
> If I want syslog-ng to accept remote messages from remote syslog-ng
> daemons,
> must I add something else to syslog-ng.conf above such as item
> regarding port #514 UDP??? (syslog is tied to this port).  I need to ask
> 
> this because the word "remote" is NOT even mentioned in the syslog-ng
> docs???!?!?
> 
> Thanks again,
> 
> Chris
> 
> 
> 
> On Mon, Feb 03, 2003 at 08:28:32AM -0500, Hamilton, Andrew wrote:
> > It depends on what you want to do.  I think it is a good idea to run
> kernel
> > messages through syslog-ng.  I have less overhead and less to worry
> about.
> > The source you have is correct.
> > 
> > Regards,
> > 
> > Drew
> > 
> > -----Original Message-----
> > From: seberino@spawar.navy.mil [mailto:seberino@spawar.navy.mil]
> > Sent: Friday, January 31, 2003 6:59 PM
> > To: Hamilton, Andrew
> > Cc: syslog-ng@lists.balabit.hu
> > Subject: Re: [syslog-ng]Please help with simple syslog-ng.conf
> creation
> > qu estions....
> > 
> > 
> > Andrew
> > 
> > Thanks!  There is lots to learn since config file much
> > more complicated now.
> > 
> > Do you run syslog-ng daemon AND klogd too???
> > 
> > FAQ says to have syslog-ng handle kernel messages I must
> > kill klogd and add this to syslog-ng.conf....
> > 
> > source src { pipe("/proc/kmsg"); unix-stream("/dev/log"); internel();
> };
> > 
> > I assume this is a good idea.  Perhaps that is what you do???
> > 
> > Thanks again,
> > 
> > Chris
> > 
> > 
> > On Thu, Jan 30, 2003 at 02:14:27PM -0500, Hamilton, Andrew wrote:
> > > Nope.  But you can do this:
> > > 
> > > source s_all{ unix-stream("/dev/log"); internal(); };
> > > destination d_messages { file("/var/log/messages"); };
> > > 
> > > log { source(s_all); destination(d_messages); };
> > > 
> > > That should do it.  If you are using Solaris you should use
> > > 
> > > source local { sun-streams("/dev/log" door("/etc/.syslog_door"));
> > > internal(); };
> > > 
> > > Look in the syslog-ng/doc directory for sample configs.
> > > 
> > > 
> > > Regards,
> > > 
> > > Drew
> > > 
> > > -----Original Message-----
> > > From: seberino@spawar.navy.mil [mailto:seberino@spawar.navy.mil]
> > > Sent: Thursday, January 30, 2003 2:01 PM
> > > To: syslog-ng@lists.balabit.hu
> > > Subject: [syslog-ng]Please help with simple syslog-ng.conf creation
> > > questions....
> > > 
> > > 
> > > configure;make;make install  of syslog-ng source did not create
> > > /etc/syslog-ng directory with
> > > /etc/syslog-ng.conf ready to go.
> > > 
> > > I assume I must create this directory and file
> > > myself???
> > > 
> > > syslog-ng has *tons* of features.  Please tell
> > > me how I can just throw everything into /var/log/messages.
> > > I don't require fancy stuff just yet.
> > > 
> > > In old syslog.conf this would be:
> > > 
> > >    *.info	   /var/log/messages
> > > 
> > > Will syslog-ng recognize a one line syslog-ng.conf
> > > containing this old style config???
> > > 
> > > thanks,
> > > 
> > > Chris
> > > -- 
> > > _______________________________________
> > > 
> > > Dr. Christian Seberino
> > > SPAWAR Systems Center San Diego
> > > Code 2363
> > > 49590 Lassing Road, Room A339
> > > San Diego, CA 92152-6147
> > > U.S.A.
> > > 
> > > Phone: (619) 553-7940
> > > Fax:   (619) 553-1269
> > > Email: seberino@spawar.navy.mil
> > > _______________________________________
> > > 
> > > _______________________________________________
> > > syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> > > https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > > Frequently asked questions at
> http://www.campin.net/syslog-ng/faq.html
> > > 
> > > _______________________________________________
> > > syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> > > https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > > Frequently asked questions at
> http://www.campin.net/syslog-ng/faq.html
> > 
> > -- 
> > _______________________________________
> > 
> > Dr. Christian Seberino
> > SPAWAR Systems Center San Diego
> > Code 2872
> > San Diego, CA 92152-6147
> > U.S.A.
> > 
> > Phone: (619) 553-9973
> > Fax:
> > Email: seberino@spawar.navy.mil
> > _______________________________________
> 
> -- 
> _______________________________________
> 
> Dr. Christian Seberino
> SPAWAR Systems Center San Diego
> Code 2872
> San Diego, CA 92152-6147
> U.S.A.
> 
> Phone: (619) 553-9973
> Fax:
> Email: seberino@spawar.navy.mil
> _______________________________________

-- 
_______________________________________

Dr. Christian Seberino
SPAWAR Systems Center San Diego
Code 2872
San Diego, CA 92152-6147
U.S.A.

Phone: (619) 553-9973
Fax:
Email: seberino@spawar.navy.mil
_______________________________________