[syslog-ng]Issues with HP-UX
Stephen Tanner
syslog-ng@lists.balabit.hu
Mon, 2 May 2005 15:23:05 -0400
This is a multi-part message in MIME format.
------_=_NextPart_001_01C54F4C.5D4DC269
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
I have recently started using syslog-ng so that I can use stunnel to log
to a central loghost. I have gotten syslog-ng working on a linux box,
and everything works fine, but my HP-UX boxes won't even log locally,
much less log to a loghost. Below, I have included the syslog-ng.conf
for one of the hosts.
=20
=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D
Stephen Tanner
HP-UX Systems Administrator
Network Support Services
Lee County Clerk of Courts
=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D
=20
options { use_fqdn(no); keep_hostname(no); use_dns(no);
long_hostnames(off); sync(3); log_fifo_size(300); };
=20
#
# This is the default behavior of sysklogd package
# Logs may come from unix stream, but not from another machine.
#
source src { unix-dgram("/dev/log.un"); internal(); };
=20
# After that set destinations.
=20
# First some standard logfile
#
destination lpr { file("/var/adm/lpr.log"); };
destination mail { file("/var/adm/mail.log"); };
=20
# Some `catch-all' logfiles.
#
destination syslog { file("/var/adm/syslog/syslog.log"); };
=20
# The root's console.
#
destination console { usertty("root"); };
=20
# Virtual console.
#
destination console_all { file("/dev/tty8"); };
=20
# Here's come the filter options. With this rules, we can set which
# message go where.
=20
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_messages { level(info .. warn)and not facility(auth, cron,
daemon, mail, news); };
filter f_emergency { level(emerg); };
=20
###############################################################
=20
log { source(src); filter(f_lpr); destination(lpr); };
log { source(src); filter(f_mail); destination(mail); };
log { source(src); filter(f_messages); destination(syslog); };
log { source(src); filter(f_emergency); destination(console); };
#log { source(src); destination(messages); };
=20
###############################################################
## set up logging to a loghost forwarded from localhost via stunnel
destination loghost {tcp("127.0.0.1" port(514));};
=20
# send everything to loghost, too
log { source(src); destination(loghost); };
###############################################################
------_=_NextPart_001_01C54F4C.5D4DC269
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" =
xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PlaceName"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"place" downloadurl=3D"http://www.5iantlavalamp.com/"/>
<o:SmartTagType =
namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"
name=3D"PersonName" downloadurl=3D"http://www.microsoft.com"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I have recently started using syslog-ng so that I can =
use
stunnel to log to a central loghost. I have gotten syslog-ng =
working on a
linux box, and everything works fine, but my HP-UX boxes won’t =
even log
locally, much less log to a loghost. Below, I have included the =
syslog-ng.conf
for one of the hosts.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D=
-=3D-=3D</span></font><o:p></o:p></p>
<p class=3DMsoNormal><st1:PersonName w:st=3D"on"><font size=3D2 =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial'>Stephen =
Tanner</span></font></st1:PersonName><o:p></o:p></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>HP-UX Systems =
Administrator</span></font><o:p></o:p></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Network Support Services</span></font><o:p></o:p></p>
<p class=3DMsoNormal><st1:place w:st=3D"on"><st1:PlaceName =
w:st=3D"on"><font size=3D2
face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'>Lee</span></font></st1:Place=
Name><font
size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'> <st1:PlaceName
w:st=3D"on">County</st1:PlaceName></span></font></st1:place><font =
size=3D2
face=3DArial><span style=3D'font-size:10.0pt;font-family:Arial'> Clerk =
of Courts</span></font><o:p></o:p></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D=
-=3D-=3D</span></font><o:p></o:p></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>options { use_fqdn(no); keep_hostname(no); use_dns(no);
long_hostnames(off); sync(3); log_fifo_size(300); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># This is the default behavior of sysklogd =
package<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># Logs may come from unix stream, but not from another =
machine.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>source src { unix-dgram("/dev/log.un"); internal(); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># After that set destinations.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># First some standard logfile<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination lpr { file("/var/adm/lpr.log"); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination mail { file("/var/adm/mail.log"); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># Some `catch-all' logfiles.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination syslog { =
file("/var/adm/syslog/syslog.log"); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># The root's console.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination console { usertty("root"); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># Virtual console.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination console_all { file("/dev/tty8"); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># Here's come the filter options. With this rules, we can set =
which<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># message go where.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>filter f_lpr { facility(lpr); };<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>filter f_mail { facility(mail); };<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>filter f_messages { level(info .. warn)and not facility(auth, =
cron,
daemon, mail, news); };<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>filter f_emergency { level(emerg); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>###############################################################<o=
:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>log { source(src); filter(f_lpr); destination(lpr); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>log { source(src); filter(f_mail); destination(mail); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>log { source(src); filter(f_messages); destination(syslog); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>log { source(src); filter(f_emergency); destination(console); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>#log { source(src); destination(messages); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>###############################################################<o=
:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>## set up logging to a loghost forwarded from localhost via =
stunnel<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>destination loghost {tcp("127.0.0.1" =
port(514));};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'># send everything to loghost, too<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>log { source(src); destination(loghost); =
};<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>###############################################################<o=
:p></o:p></span></font></p>
</div>
</body>
</html>
------_=_NextPart_001_01C54F4C.5D4DC269--