[syslog-ng]Problem reading the source file("/etc/httpd/logs/access_log")

syslog-ng@lists.balabit.hu syslog-ng@lists.balabit.hu
Thu, 9 Dec 2004 09:00:43 -0600 

This is a multipart message in MIME format.
--=_alternative 0051B56086256F65_=
Content-Type: text/plain; charset="US-ASCII"

The easiest way to get your apache logs into syslog is to simply enable 
the syslog option in apache. For example:
ErrorLog syslog[:facility]

Where facility is a valid syslog facility.
Note that when you do this, apache will no longer write a file out, but 
will ONLY log to syslog.

--
____________________________________________
Joe Reeves
Security Engineer II, IDS
Regions Technology Risk Management
Office: 334-956-6189
joe.reeves@regions.com
____________________________________________

"To err is human, but to really foul things up requires a computer."
~ Farmers' Almanac, 1978



Jay Guerette <jayguerette@gmail.com> 
Sent by: syslog-ng-admin@lists.balabit.hu
08/12/2004 19:26
Please respond to
syslog-ng@lists.balabit.hu


To
syslog-ng@lists.balabit.hu
cc

Subject
Re: [syslog-ng]Problem reading the source 
file("/etc/httpd/logs/access_log")






That is not a valid syslog source. No variation of options will make
that work all by itself. A sample of your configuration would be
helpful...

The 'file()' souce driver is explained here:
http://www.balabit.com/products/syslog_ng/reference/reference.html#AEN279

The above reference demonstrates a method to feed web server logs into
syslog-ng. Never having done it myself, I can only hope the
documentation is up-to-date and correct.


On Tue,  7 Dec 2004 22:44:51 -0600, torpedo <torpedo@bluebottle.com> 
wrote:
> I have installed the syslog-ng 1.6.5
> In configuration file I have defined source as the
> /etc/httpd/logs/access_log
> and destination as the terminal : /dev/tty1
> 
> Syslog-ng get started with no problem but it doesnot logs the
> information from the access_log file or any other log file ... i
> think thr is problem reading the file (but syslog-ng does not give
> any error) ... Plz help me out
_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html



--=_alternative 0051B56086256F65_=
Content-Type: text/html; charset="US-ASCII"


<br><font size=2 face="sans-serif">The easiest way to get your apache logs
into syslog is to simply enable the syslog option in apache. For example:</font>
<br><font size=2 face="sans-serif">ErrorLog syslog[:facility]</font>
<br>
<br><font size=2 face="sans-serif">Where facility is a valid syslog facility.</font>
<br><font size=2 face="sans-serif">Note that when you do this, apache will
no longer write a file out, but will ONLY log to syslog.</font>
<br>
<br><font size=2 face="sans-serif">--<br>
____________________________________________<br>
Joe Reeves<br>
Security Engineer II, IDS<br>
Regions Technology Risk Management<br>
Office: 334-956-6189<br>
joe.reeves@regions.com<br>
____________________________________________<br>
<br>
&quot;To err is human, but to really foul things up requires a computer.&quot;<br>
~ Farmers' Almanac, 1978</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Jay Guerette &lt;jayguerette@gmail.com&gt;</b>
</font>
<br><font size=1 face="sans-serif">Sent by: syslog-ng-admin@lists.balabit.hu</font>
<p><font size=1 face="sans-serif">08/12/2004 19:26</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
syslog-ng@lists.balabit.hu</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">syslog-ng@lists.balabit.hu</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">Re: [syslog-ng]Problem reading the source
file(&quot;/etc/httpd/logs/access_log&quot;)</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>That is not a valid syslog source. No variation of
options will make<br>
that work all by itself. A sample of your configuration would be<br>
helpful...<br>
<br>
The 'file()' souce driver is explained here:<br>
http://www.balabit.com/products/syslog_ng/reference/reference.html#AEN279<br>
<br>
The above reference demonstrates a method to feed web server logs into<br>
syslog-ng. Never having done it myself, I can only hope the<br>
documentation is up-to-date and correct.<br>
<br>
<br>
On Tue, &nbsp;7 Dec 2004 22:44:51 -0600, torpedo &lt;torpedo@bluebottle.com&gt;
wrote:<br>
&gt; I have installed the syslog-ng 1.6.5<br>
&gt; In configuration file I have defined source as the<br>
&gt; /etc/httpd/logs/access_log<br>
&gt; and destination as the terminal : /dev/tty1<br>
&gt; <br>
&gt; Syslog-ng get started with no problem but it doesnot logs the<br>
&gt; information from the access_log file or any other log file ... i<br>
&gt; think thr is problem reading the file (but syslog-ng does not give<br>
&gt; any error) ... Plz help me out<br>
_______________________________________________<br>
syslog-ng maillist &nbsp;- &nbsp;syslog-ng@lists.balabit.hu<br>
https://lists.balabit.hu/mailman/listinfo/syslog-ng<br>
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html<br>
<br>
</tt></font>
<br>
--=_alternative 0051B56086256F65_=--