[syslog-ng]Newbie question

Dale B. Sorry syslog-ng@lists.balabit.hu
Fri, 7 Mar 2003 22:32:44 -0800 (PST) 

you got the right idea, but the log parsing/filtering is all done on the
server side.

some great examples can be found here:

http://venus.ece.ndsu.nodak.edu/~jezerr/linux/secure-remote-logging.html#syslog-ng-config


On Fri, 7 Mar 2003, Vilmos Branyik wrote:

> Hello,
> 
> I'm setting up syslog-ng for the first time. I used the Central Loghost
> Mini-HOWTO.
> 
> I followed the instructions step by step but there are no local messages
> being logged to the system. I haven't tried remote logging yet.
> 
> I have posted my config file below this message. If someone could point out
> my error, I would appreciate it.
> 
> I'm using:
> 
> syslog-ng 1.4.15
> RedHat 7.2
> 
> Thanks for any help you can give me.
> 
> 
> Vilmos
> 
> ***** Configuration file *****
> 
> options { sync (3);
>           log_fifo_size (300);
>           long_hostnames (off);
>           use_dns (yes);
>           use_fqdn (yes);
>           keep_hostname (yes);
>         };
> 
> source src { unix-stream("/dev/log"); internal(); };
> source remote { tcp(ip("127.0.0.1") port(514) keep-alive(yes)); };
> 
> source src { unix-stream("/dev/log"); internal(); };
> 
> destination lpr { file("/var/log/lpr.log"); };
> destination mail { file("/var/log/mail.log"); };
> 
> destination messages { file("/var/log/messages"); };
> 
> destination console_all { file("/dev/tty8"); };
> 
> filter f_lpr { facility(lpr); };
> filter f_mail { facility(mail); };
> filter f_messages { level(info.emerg) and not facility(mail,lpr); };
> filter f_emergency { level(emerg); };
> 
> log { source(src); filter(f_lpr); destination(lpr); };
> log { source(src); filter(f_mail); destination(maillog); };
> log { source(src); filter(f_messages); destination(messages); };
> log { source(src); filter(f_emergency); destination(console); };
> 
> destination hosts { file("/var/log/HOSTS/$HOST/$FACILITY" owner(root)
> group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
> 
> log { source(remote); destination(hosts); };
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> 

-- 

Daniel Simonton
Hypodermic.NET
Owner/Admin