[syslog-ng] Syslog-ng central logging server

Evan Rempel erempel at uvic.ca
Mon Apr 23 17:36:20 CEST 2007 

Sorry, I can't read this morning :-(

Please ignore this post.

Evan.

Evan Rempel wrote:
> The server is not configured to accept any TCP incoming data. You 
> require a source with TCP
> 
> source s_tcp { tcp(ip("20.5.68.82") port(514) ); };
> 
> The option ip should really read localip but some versions of syslog-ng 
> did not accept this option, so
> ip is used.
> 
> An then include that in your log configuration on your server.
> 
> Evan.
> 
> Shamim wrote:
>> Server
>> -----------------------------
>> [root at plggd020 etc]# more syslog-ng.conf
>> #sample syslog-ng.conf for a central logging server
>> options {
>>       sync (0);
>>     log_fifo_size (2048);
>>     create_dirs (yes);
>>     group (root);
>>     dir_group (root);
>>     perm (0640);
>>     dir_perm (0750);
>>     };
>>   source s_local { internal(); unix-stream("/dev/log"); 
>> file("/proc/kmsg" log_prefix("kernel: ")); };
>> destination d_auth { file("/var/log/auth.log"); };
>> filter f_auth { facility(auth, authpriv); };
>>   source s_remote { tcp(); };
>> destination d_clients { file("/var/log/HOSTS/$HOST"); };
>>   log { source(s_remote); destination(d_clients); };
>> log { source(s_local); filter(f_auth); destination(d_auth); };
>>   Client
>> -----------------
>>   -bash-3.00# more syslog-ng.conf
>> #sample syslog-ng.conf for a remote client
>> source s_local { internal(); unix-stream("/dev/log"); 
>> file("/proc/kmsg" log_prefix("kernel: ")); };
>>   destination d_loghost {tcp("20.5.68.82" port(514));};
>> log { source(s_local); destination(d_loghost); };
>>   destination messages { file("/var/log/messages-ng"); };
>> log {
>>         source(s_local);
>>         destination(messages);
>> };
>>   -bash-3.00#
>>   And there is no message going to Server However at Client side log 
>> files shows the message as below:
>>   -bash-3.00# logger "test "
>> -bash-3.00# tail /var/log/messages-ng
>> Apr 23 08:44:38 s_local at zlggd052 syslog-ng[9935]: syslog-ng starting 
>> up; version='2.0.2'
>> Apr 23 08:44:38 s_local at zlggd052 syslog-ng[9935]: Connection failed; 
>> error='No route to host (113)', time_reopen='60'
>> Apr 23 08:45:12 s_local at zlggd052 syslog-ng[9935]: SIGTERM received, 
>> terminating;
>> Apr 23 08:45:12 s_local at zlggd052 syslog-ng[9935]: syslog-ng shutting 
>> down; version='2.0.2'
>> Apr 23 08:45:13 s_local at zlggd052 syslog-ng[9945]: syslog-ng starting 
>> up; version='2.0.2'
>> Apr 23 08:45:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; 
>> error='No route to host (113)', time_reopen='60'
>> Apr 23 08:45:18 s_local at zlggd052 soetest1: test
>> Apr 23 08:46:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; 
>> error='No route to host (113)', time_reopen='60'
>> Apr 23 08:47:13 s_local at zlggd052 syslog-ng[9945]: Connection failed; 
>> error='No route to host (113)', time_reopen='60'
>> Apr 23 08:47:46 s_local at zlggd052 soetest1: test
>> -bash-3.00#
>>         Please suggest what will be the reason.
>>      Thanks & Regards
>>      Shamim
>>   
>>        ---------------------------------
>>  Yahoo! Answers - Got a question? Someone out there knows the answer. 
>> Tryit now.
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
>> https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>>
> 
> 


-- 
Evan Rempel                erempel at uvic.ca
Senior Programmer Analyst        250.721.7691
Computing Services
University of Victoria

More information about the syslog-ng mailing list