[syslog-ng] 答复: Need help to send logs to a different server

Marc Andersen man at inspektsecurity.com
Tue Dec 9 09:13:41 CET 2008 

Yeah. What I wrote was pseudo-code.
What is in the attached  conf file should work (barring typos and the ever persistent challenge of parenthesis and semicolons)

cheers
/Marc


On 08/12/08 19.18, "Lavannya" <swap_project at yahoo.com> wrote:

Hi Mark,

Thanks for your reply.  I am getting error whatever configuration you had said.  May be  I need to change our existing configuration again.  Here is the central  log server  configuration I am sending as attachment. Our central  log server  is already configured  with  tcp(ip(0.0.0.0) ip and when  I am adding the new  server  to collect the log it is giving error.

  - I want to add another  server (this is needed for some application )
    to my central log server which  will
    get all the logs  from the central log  server.

Pl. feel free to correct  the log file and send it to me.

Thanks again





--- On Mon, 12/8/08, Marc Andersen <man at inspektsecurity.com> wrote:

> From: Marc Andersen <man at inspektsecurity.com>
> Subject: Re: [syslog-ng] 答复:  Need help to send logs to a different server
> To: "Syslog-ng users' and developers' mailing list" <syslog-ng at lists.balabit.hu>
> Date: Monday, December 8, 2008, 8:04 AM
> If the central syslog server is running syslog-ng you can
> just add another destination (live log server) to the
> already existing local files.
>
> log{
> source (udp/tcp incoming);
> destination(new live log server);
> };
>
> cheers
> /Marc
>
>
> On 07/12/08 16.03, "Lavannya"
> <swap_project at yahoo.com> wrote:
>
> Yes ,  from the client  we can ,  but I think if you read
> my mail properly, I clearly written that my requirement is
> NOT, to get the logs from the client.  I want  to set one
> server , which will get  all the information from the
> central log master. Yes , I know it can be done through
> ssh/rsync. But I wanted to know , if there is any option in
> syslog-ng .
>
> Thanks
>
>
>
> --- On Fri, 12/5/08, liuruihong
> <liuruihong at baidu.com> wrote:
>
> > From: liuruihong <liuruihong at baidu.com>
> > Subject: 答复: [syslog-ng] Need help to send logs to
> a different server
> > To: swap_project at yahoo.com, "'Syslog-ng
> users' and developers' mailing list'"
> <syslog-ng at lists.balabit.hu>
> > Date: Friday, December 5, 2008, 3:23 AM
> > in the client,you can define many remote log server
> > simultaneously.syslog
> > and syslog-ng all support this function.
> > You can find in the manual:)
> >
> >
> > 谢谢!
> >
> > 刘蕊红 |sys|6758
> >
> > -----邮件原件-----
> > 发件人: syslog-ng-bounces at lists.balabit.hu
> > [mailto:syslog-ng-bounces at lists.balabit.hu] 代表
> Swapna
> > 发送时间: 2008年12月5日 4:17
> > 收件人: syslog-ng at lists.balabit.hu
> > 主题: [syslog-ng] Need help to send logs to a
> different
> > server
> >
> > Hi,
> >
> >
> > We have syslog-ng configuration  as follows:
> >
> >    -  There are 50 clients  communicating to one log
> server
> >
> >    -  The  log server is kept in secured place where
> nobody
> > have access
> >
> >    -  All the logs  of 50 clients  are coming to the
> log
> > server  and
> >       the logs are kept  as follow
> >
> >           /var/log/syslog-ng/<client
> > host>/extended.log
> >
> >
> > We want  all the log of each client  to relay into a
> > seperate server live.
> > Means the  current log  file of each  host will go to
> the
> > new server
> > simultaneously  as  it is going to the central log
> server.
> >
> >
> > We can configure a  second  log server  like the
> existing
> > one.  But our
> > requirement  is,  that all the logs will be received
> from
> > the central log
> > server not from the client  hosts.
> >
> > Any help is  really appreciated.
> >
> > Thanks
> >
> >
> >
> >
> >
> ____________________________________________________________________________
> > __
> > Member info:
> > https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > Documentation:
> >
> http://www.balabit.com/support/documentation/?product=syslog-ng
> > FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
>
> ______________________________________________________________________________
> Member info:
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
> ______________________________________________________________________________
> Member info:
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20081209/ba25648e/attachment-0001.htm 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: syslogng.txt
Type: application/octet-stream
Size: 3647 bytes
Desc: syslogng.txt
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20081209/ba25648e/attachment-0001.obj

More information about the syslog-ng mailing list