[syslog-ng]Configure syslog-ng to act as a central logging
server
Ryan McCain
syslog-ng@lists.balabit.hu
Thu, 31 Mar 2005 11:08:15 -0600
Final question (for now).
Should i use "unix_stream" or "unix_dgram" w/in the source setting? I
read in the Linux Server Security book that I should use unix_dgram on
newer kernels. I'm on kernel 2.6.x
Thanks, Ryan
>>>billn@billn.net 03/31 10:55 am >>>
On Thu, 31 Mar 2005, Ryan McCain wrote:
>source s_sys { file ("/proc/kmsg" log_prefix("kernel: "));
>unix_stream("/dev/log"); internal(); };
>
>destination hosts {
>file("/var/syslog/HOSTS/$HOST/$YEAR/$MONTH/$HOST-$FACILITY-$YEAR$MONTH$DAY"
>owner(root) group(root) perm(0755) dir_perm(0755) create_dirs(yes));
>};
>
>log { source(s_sys); destination(hosts); };
>
Yup. Should work like a champ. It's very similiar to a larger deployment
I'm using.
- billn
syslog-ng maillist - syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html