Sending email via syslog-ng

 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Sending email via syslog-ng
# 1  
Old 06-30-2009
Sending email via syslog-ng

Hi friends
I have syslog-ng installed in RHEL5 server, I make it as CEntral log for all servers in my network, Filtered by IP
Now What I want to do is make it send to me an email for a specific log for one of my server, In other word when any log sent from this IP (192.168.1.1 ) For example to send me email with this new log value to myemail@mydomain.com
The following is the part of configuration for my syslog-ng.conf that related with remote servers.
=============================================

source s_remote {
tcp(ip(0.0.0.0) port(514));
udp(ip(0.0.0.0) port(514));
};

destination d_separatedbyhosts {
file("/var/log/syslog-ng/servers/$HOST/$FACILITY.log" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes));
};

log { source(s_remote); destination(d_separatedbyhosts); };
===============================================

Thanks
Best Regards
Reaky
# 2  
Old 06-30-2009
You could try to use the program(destination) and write a script that takes the log message from the standard input and mails it to you.
# 3  
Old 07-06-2009
Ok how if I want to send just a log using level if severity, For example from severity 4 -->0 , The following is the full conf file:
========================================
=======================================
# configuration file for syslog-ng, customized for remote logging

source s_internal { internal(); };
destination d_syslognglog { file("/var/log/syslog-ng.log"); };
log { source(s_internal); destination(d_syslognglog); };

# Remote logging
source s_remote {
tcp(ip(0.0.0.0) port(514));
udp(ip(0.0.0.0) port(514));
};

destination d_separatedbyhosts {
file("/var/log/syslog-ng/servers/$HOST/$FACILITY.log" owner("root") group("root") perm(0640) dir_perm(0750) create_dirs(yes));
};

log { source(s_remote); destination(d_separatedbyhosts); };

options {

# Number of syslog lines stored in memory before being written to files
flush_lines (0);

# Syslog-ng uses queues
log_fifo_size (1000);

# Create log directories as needed
create_dirs (yes);

# Make the group "logs" own the log files and directories
group (logs);
dir_group (logs);

# Set the file and directory permissions
perm (0640);
dir_perm (0750);

# Check client hostnames for valid DNS characters
check_hostname (yes);

# Specify whether to trust hostname in the log message.
# If "yes", then it is left unchanged, if "no" the server replaces
# it with client's DNS lookup value.
keep_hostname (yes);

# Use DNS fully qualified domain names (FQDN)
# for the names of log file folders
use_fqdn (yes);
use_dns (yes);

# Cache DNS entries for up to 1000 hosts for 12 hours
dns_cache (yes);
dns_cache_size (1000);

# messages and label it "d_localhost"
source s_localhost {
pipe ("/proc/kmsg" program_override("kernel: "));
unix-stream ("/dev/log");
internal();
};

# Define the destination "d_localhost" log directory
destination d_localhost {
file ("/var/log/syslog-ng/localhost/$FACILITY.log");
};

# Define all the sources of network generated syslog
# messages and label it "d_network"
source s_network {
tcp(max-connections(5000));
udp();
};

# Define the destination "d_network" log directory
destination d_network {
file ("/var/log/syslog-ng/$YEAR.$MONTH.$DAY/$HOST/$FACILITY.log");
};

# Any logs that match the "s_localhost" source should be logged
# in the "d_localhost" directory

log { source(s_localhost);
destination(d_localhost);
};
==================================================

---------- Post updated 07-06-09 at 02:55 AM ---------- Previous update was 07-05-09 at 07:18 AM ----------

It worked now successfuly
with the following

=============
source sme {file (/var/log/syslog-ng/servers/Central.mc.tedata.net/authpriv.log); };


destination maillog { program ("/usr/local/bin/syslog-mail-perl" );
};
log {source(sme); destination(maillog); };
===============
Thanks

---------- Post updated at 07:47 AM ---------- Previous update was at 02:55 AM ----------

Dears I still have a small problem that when It tried to send emails I found that I must restart syslog every time to send the mails to sendmail, In another word it buffer the emails tell I restart syslog-ng then It forwerd it to send mail and can see it in the mail log.
Do you have any idea for that ?
Thanks

the perl script

+++++++++++++++++++++++++++++++++++=
#!/usr/bin/perl -n
# thanks to Brian Dowling for an example with security in mind.

$TO = 'reaky@domain.com';
$FROM = $TO;

s/^//;

open(MAIL, "|/usr/sbin/sendmail -t");

print MAIL "EOT";
To: $TO
From: $FROM
Subject: SME Log Alert: $_

$_

EOT

close(MAIL);
+++++++++++++++++++++++++++++++++++++++

Last edited by reaky; 07-06-2009 at 10:21 AM..
# 4  
Old 07-06-2009
Try to set flush_timeout(1000). Hopefully that way syslog-ng will send out the messages.
See
8.2. Destination drivers for details.
# 5  
Old 07-07-2009
I tried the option but didn't work too ..
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Linux

Sending an email using mutt...

I wanted to send "config.log" to the usergroup that handles open source support for Octave 3.8.0, a programming language as there were build errors. In order to send an email from unix command line, I am trying to use mutt, and I need a straightforward way of sending emails, as the commands... (1 Reply)
Discussion started by: jon80
1 Replies

2. Shell Programming and Scripting

Sending email in UNIX

can you tell me what is the syntax if I need to keep someone in cc with the below email. mailx -s "shell script completed successfully" arun@gmail.com < /dev/null (4 Replies)
Discussion started by: ramkumar15
4 Replies

3. Shell Programming and Scripting

Sending HTML Email

1) Can you please provide me with a best example of how to send an HTML email via mutt or mail or send email commands using bash shell. 2) I tried below but i am not able to get the variable values in the HTML email output. (cat <<-EOT <html> <head><title></title> </head> <body> <p>Hello,... (9 Replies)
Discussion started by: Ariean
9 Replies

4. Shell Programming and Scripting

Using top command to email if process is exceeding 25% and sending an email alert if so

This is my first time writing a script and Im having some trouble, Im trying to use the top command to monitor processes and the amount of CPU usage they require, my aim is to get an email if a process takes over a certain percentage of CPU usage I tried grep Obviosly that hasnt worked, Any... (8 Replies)
Discussion started by: jay02
8 Replies

5. AIX

Sending an email notification when syslog goes down

Hi All of a sudden the syslog daemon in the server went down and then later I started it manually # ps -ef | grep syslogd root 217228 114906 0 Nov 16 - 0:00 /usr/sbin/syslogd root 430306 290870 0 14:18:11 pts/0 0:00 grep syslogd Can some one help me with a script which will monitor the... (2 Replies)
Discussion started by: newtoaixos
2 Replies

6. Linux

sending an email

I have used an already-built ActiveX control to send email from my asp web pages. One of the parameters I fill is FromName which defines the tittle the recipient will see in the From entrance in his Inbox. Now Iīm trying to use mail to send an email from a Shell but I havenīt found the... (1 Reply)
Discussion started by: RandomAccess
1 Replies

7. Shell Programming and Scripting

Sending Email with Attachment

Hi, I want to send an email with multiple attachment using uuencode and mail command. I am able to send with one attachment Ex:uuencode abc.txt abc.txt | mail test@test.com -s "Test3" Can anyone reply with syntax. Regards BS (3 Replies)
Discussion started by: balajiora
3 Replies

8. Shell Programming and Scripting

Sending an email with more than one files

Hi, I would like to send an email with more than one attachement. I am using uuencode. I want to achive by suing uuencode. Also please let me know other ways. -Thambi (7 Replies)
Discussion started by: thambi
7 Replies

9. UNIX for Dummies Questions & Answers

sending email

hi, is there any possiblity to send email from the command prompt, for eg i want to send alert to any mail id like /data/logs is 80% to my hotmail account , xxx@hotmail.com is this really possible,, if not, then what are the prerequistes need to do this (1 Reply)
Discussion started by: vasikaran
1 Replies

10. UNIX for Dummies Questions & Answers

Sending email

I have an Solaris 8 machine running a managment application. One of the features of this application is to configure alarm forwarding to an email undress. When i configured the application to do that, it asked me only about the recipient email address. Quesiton: how to configure my Solaris 8... (7 Replies)
Discussion started by: bcheaib
7 Replies
Login or Register to Ask a Question