[syslog-ng]Problem reading the source file("/etc/httpd/logs/access_log")
syslog-ng@lists.balabit.hu
syslog-ng@lists.balabit.hu
Thu, 9 Dec 2004 09:00:43 -0600
This is a multipart message in MIME format.
--=_alternative 0051B56086256F65_=
Content-Type: text/plain; charset="US-ASCII"
The easiest way to get your apache logs into syslog is to simply enable
the syslog option in apache. For example:
ErrorLog syslog[:facility]
Where facility is a valid syslog facility.
Note that when you do this, apache will no longer write a file out, but
will ONLY log to syslog.
--
____________________________________________
Joe Reeves
Security Engineer II, IDS
Regions Technology Risk Management
Office: 334-956-6189
joe.reeves@regions.com
____________________________________________
"To err is human, but to really foul things up requires a computer."
~ Farmers' Almanac, 1978
Jay Guerette <jayguerette@gmail.com>
Sent by: syslog-ng-admin@lists.balabit.hu
08/12/2004 19:26
Please respond to
syslog-ng@lists.balabit.hu
To
syslog-ng@lists.balabit.hu
cc
Subject
Re: [syslog-ng]Problem reading the source
file("/etc/httpd/logs/access_log")
That is not a valid syslog source. No variation of options will make
that work all by itself. A sample of your configuration would be
helpful...
The 'file()' souce driver is explained here:
http://www.balabit.com/products/syslog_ng/reference/reference.html#AEN279
The above reference demonstrates a method to feed web server logs into
syslog-ng. Never having done it myself, I can only hope the
documentation is up-to-date and correct.
On Tue, 7 Dec 2004 22:44:51 -0600, torpedo <torpedo@bluebottle.com>
wrote:
> I have installed the syslog-ng 1.6.5
> In configuration file I have defined source as the
> /etc/httpd/logs/access_log
> and destination as the terminal : /dev/tty1
>
> Syslog-ng get started with no problem but it doesnot logs the
> information from the access_log file or any other log file ... i
> think thr is problem reading the file (but syslog-ng does not give
> any error) ... Plz help me out
_______________________________________________
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
--=_alternative 0051B56086256F65_=
Content-Type: text/html; charset="US-ASCII"
<br><font size=2 face="sans-serif">The easiest way to get your apache logs
into syslog is to simply enable the syslog option in apache. For example:</font>
<br><font size=2 face="sans-serif">ErrorLog syslog[:facility]</font>
<br>
<br><font size=2 face="sans-serif">Where facility is a valid syslog facility.</font>
<br><font size=2 face="sans-serif">Note that when you do this, apache will
no longer write a file out, but will ONLY log to syslog.</font>
<br>
<br><font size=2 face="sans-serif">--<br>
____________________________________________<br>
Joe Reeves<br>
Security Engineer II, IDS<br>
Regions Technology Risk Management<br>
Office: 334-956-6189<br>
joe.reeves@regions.com<br>
____________________________________________<br>
<br>
"To err is human, but to really foul things up requires a computer."<br>
~ Farmers' Almanac, 1978</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Jay Guerette <jayguerette@gmail.com></b>
</font>
<br><font size=1 face="sans-serif">Sent by: syslog-ng-admin@lists.balabit.hu</font>
<p><font size=1 face="sans-serif">08/12/2004 19:26</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
syslog-ng@lists.balabit.hu</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">syslog-ng@lists.balabit.hu</font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">Re: [syslog-ng]Problem reading the source
file("/etc/httpd/logs/access_log")</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>That is not a valid syslog source. No variation of
options will make<br>
that work all by itself. A sample of your configuration would be<br>
helpful...<br>
<br>
The 'file()' souce driver is explained here:<br>
http://www.balabit.com/products/syslog_ng/reference/reference.html#AEN279<br>
<br>
The above reference demonstrates a method to feed web server logs into<br>
syslog-ng. Never having done it myself, I can only hope the<br>
documentation is up-to-date and correct.<br>
<br>
<br>
On Tue, 7 Dec 2004 22:44:51 -0600, torpedo <torpedo@bluebottle.com>
wrote:<br>
> I have installed the syslog-ng 1.6.5<br>
> In configuration file I have defined source as the<br>
> /etc/httpd/logs/access_log<br>
> and destination as the terminal : /dev/tty1<br>
> <br>
> Syslog-ng get started with no problem but it doesnot logs the<br>
> information from the access_log file or any other log file ... i<br>
> think thr is problem reading the file (but syslog-ng does not give<br>
> any error) ... Plz help me out<br>
_______________________________________________<br>
syslog-ng maillist - syslog-ng@lists.balabit.hu<br>
https://lists.balabit.hu/mailman/listinfo/syslog-ng<br>
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html<br>
<br>
</tt></font>
<br>
--=_alternative 0051B56086256F65_=--