Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Modifying syslog.conf
Top Forums UNIX for Advanced & Expert Users Modifying syslog.conf Post 302373241 by fpmurphy on Thursday 19th of November 2009 09:42:32 PM
Old 11-19-2009
Code:
*.info /logs/rsyslog/current.log

Are you using syslogd or rsyslogd? For syslogd, you add "-r' to the SYSLOGD_OPTIONS in /etc/sysconfig/syslog.

For rsyslogd you need to uncomment the following lines in rsyslogd.conf
Code:
$ModLoad imudp
$UDPServerRun 514

and add list of permitted hosts e.g.
Code:
$AllowedSender UDP, 127.0.0.1, *example.com

You also need to open up any firewall that is in place on the log server for 514/UDP.
 

10 More Discussions You Might Find Interesting

1. Red Hat

syslog.conf

Hi all I have a RedHat Linux AS2.1 server that keep crashing/rebooting and there are no messages in the /var/log/messages file pointing to any problems. I had a look at the /etc/syslog.conf file to see what gets logged to /var/log/messages, but I don't know what else to add. Can anyone tell me... (1 Reply)
Discussion started by: soliberus
1 Replies

2. Solaris

syslog-ng.conf

Has anyone here configured a central syslog server using syslog-ng ? I have set one up and I'm trying to tune the syslog-ng.conf file, both for the server and the client. I have found lots of linux example files, but not much on Solaris which is slightly different. So if you have a Solaris... (5 Replies)
Discussion started by: Tornado
5 Replies

3. UNIX for Dummies Questions & Answers

Help confiuring syslog.conf

Hi, We had a hardware problem at work and none of the kernel problems outputted to the log file, just the screen. How can I configure the syslogd.conf file to record kernel events (ie hardware problems) to /dev/console and/var/log/messages. Can I just put: /dev/console /var/log/messages on... (5 Replies)
Discussion started by: mojoman
5 Replies

4. Red Hat

Modifying limits.conf & pam.d

Hello all, I'm running Oracle 10.2 on RHEL5. Current value of ulimit -n is set to a low value of 1024. I need to increase it to 65536 using the following procedure. cat >> /etc/security/limits.conf <<EOF oracle soft nproc 2047 oracle hard nproc 16384 oracle soft nofile 1024 oracle hard... (3 Replies)
Discussion started by: luft
3 Replies

5. Red Hat

problems after modifying modprobe.conf

Hey Guys, I am having a problem after modifying the modprobe.conf. I added a few entries for the HBA drivers. When I noticed that it would not boot after this, I mounted a knoppix disk and removed those lines from the modprobe.conf. Now after removing those lines, it is still stuck at the same... (2 Replies)
Discussion started by: s ladd
2 Replies

6. Shell Programming and Scripting

syslog.conf

How can i configure messages with warn priority to be logged in /var/log/mywarnings.log ? (1 Reply)
Discussion started by: g0dlik3
1 Replies

7. Solaris

best configuration for syslog.conf

I would like to configure the syslog.conf to have a good monitoring information about my system. do you have any idea about best configuration from your experience in your Data Centers BR, (5 Replies)
Discussion started by: maxim42
5 Replies

8. Red Hat

Configuring syslog.conf

Hi, I would like to configure syslog linux client, syslog server is windows server. so adding on linux client in /etc/syslog.conf @hostname will work in the place of directory location. example of /etc/syslog.conf # Log all kernel messages to the console. # Logging much else clutters up... (2 Replies)
Discussion started by: manoj.solaris
2 Replies

9. BSD

Syslog.conf issue

I'm trying to get all ipfw logs going to ipfw.log I've managed that, but ipfw.log is also getting stuff that shows up in system.log !-ipfw *.notice;authpriv,remoteauth,ftp,install,internal.none /var/log/system.log kern.* /var/log/kernel.log... (5 Replies)
Discussion started by: jnojr
5 Replies

10. Solaris

Which are the available entries to forward syslog in syslog.conf?

Hi Community Which are the available entries to forward syslog in syslog.conf i have put *.err;kern.debug;daemon.notice;mail.crit;user.alert;user.emerg;kern.notice;auth.notice;kern.warning @172.16.200.50 and it's not going through.giving error message like below: syslogd:... (2 Replies)
Discussion started by: bentech4u
2 Replies

LEARN ABOUT DEBIAN

epylog

epylog(8)							Applications/System							 epylog(8)

NAME

       epylog - Syslog new log notifier and parser.

SYNOPSIS

       epylog [-c epylog.conf] [-d LOGLEVEL] [--last PERIOD]
	      [--store-offsets] [--quiet] [--cron]

DESCRIPTION

       Epylog  is a new log notifier and parser which runs periodically out of cron, looks at your logs, processes the entries in order to present
       them in a more comprehensive format, and then provides you with the output. It is written specifically with large network clusters in  mind
       where a lot of machines (around 50 and upwards) log to the same loghost using syslog or syslog-ng.

       Alternatively,  Epylog  can be invoked from the command line and provide a log report based on a certain provided time period. In this case
       it relies on syslog timestamps to find the offsets, as opposed to the end-of-log offsets stored during the last run, though  this  behavior
       is not as reliable and is easily thwarted by skewed clocks.

OPTIONS

       -c config.file
	      Provide an alternative config file to Epylog. By default, it will look in /etc/epylog/epylog.conf.

       -d LOGLEVEL
	      Logging  level. The default is 1. 0 will produce no output except for critical errors (useful for cron runs). 2 and above are debug-
	      ging levels. 5 is the most verbose.

       --last PERIOD
	      Will make a report on events that occurred in the last PERIOD. PERIOD can be either "hour", "day", "week", "month", or  more  granu-
	      lar:  "1h",  "2h",  "3d",  "2w", etc. When --last is specified, epylog will ignore the saved offsets and locate the entries by time-
	      stamps. CAUTION: this process is not to be trusted, since the timestamps are not checked for  any  validity  when  arriving  to  the
	      loghost. One reporting machine with a skewed clock may confuse Epylog enough to miss a lot of valid entries.

       --store-offsets
	      When specified, will store the offset of the last log entry processed in offsets.xml. During the cron runs epylog relies on the off-
	      set information to find out what new entries to process. This is more trustworthy than relying on timestamps. The  default  behavior
	      is  not  to store the offsets, as this allows to run epylog both from cron and manually without the two interfering with each-other.
	      The location of offset.xml is specified in epylog.conf. See epylog.conf(5) for more details.

       --quiet
	      In every way identical to -d 0.

       --cron This is essentially --quiet --store-offsets, plus a lockfile will be created and consulted, preventing more  than  one  instance	of
	      epylog from running. You can still run epylog manually -- the lockfile is only checked when running in --cron mode.

FEATURES

	      The core of epylog is written in python. It handles things like timestamp lookups, unwrapping of "last message repeated" lines, han-
	      dling of rotated files, preparing and publishing the reports, etc.

	      The modules are pluggable and can be either "internal", written in python, or external. External modules can be written in any  lan-
	      guage, but at a price of some convenience. For more info see epylog-modules(5).

INITIAL RUN

	      Depending  on  the  size	of your logs, you might want to initialize your offsets before letting epylog run from cron. When the off-
	      sets.xml file is missing, epylog will by default process the entire log, and depending on your configuration, that can be a  lot	of
	      entries. A good way to init epylog is to run:

	      epylog --last day --store-offsets

FILES

       /etc/epylog/epylog.conf
       /usr/sbin/epylog
       /etc/cron.daily/epylog.cron
       /etc/epylog/*
       /var/lib/epylog/*
       /usr/share/epylog/modules/*

EXAMPLES

       The useful way to run from a command line is with --last. E.g.:

       epylog --last day
       epylog --last 2w

       When running from cron, you want to store the offsets and not rely on timestamps. There is a mode that allows you to do this:

       epylog --cron

AUTHORS

       Konstantin Ryabitsev <icon@linux.duke.edu>

SEE ALSO

       epylog.conf(5) epylog-modules(5)

Konstantin Ryabitsev							1.0								 epylog(8)
All times are GMT -4. The time now is 11:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy