01-15-2010
Sending all apache logs to Syslog Server
Hi All,
I need to send all apache logs to local syslog and then to syslog server (STRM – Security Threat response manager).
I follow these steps:-
vi /etc/httpd/conf/httpd.conf
Added these lines :-
ErrorLog syslog:local1
LogLevel notice
Then in syslog.conf:-
local1.crit /var/log/httpd/access.log
local1.* @192.168.1.1 (IP of syslog server)
killall -HUP syslogd
httpd restart.
Now apache logs are showing in remote syslog server. But the issue is I am getting only "notice" from apache i.e stopping and starting httpd services and nothing else.
I need all apache logs (i.e if someone clicked on the site then all logs should be send to syslog server and not only httpd restarting services)
I may need to set LogLevel in httpd.conf to redirect all access logs to syslog server.
Please suggest as I need to log 3 or more files includes modsecurity, error log , tomcat logs to syslog server.. Need to redirect all logs to syslog server.
Please suggest...
Thanks,
Sudhir
6 More Discussions You Might Find Interesting
1. Linux
I have the auditd running and I need to send the audit logs to a remote syslog server.
Anyideas on how to do that? (1 Reply)
Discussion started by: jmathenge
1 Replies
2. UNIX for Advanced & Expert Users
hi folks,
Can you help me how to dump CFTOKEN and CFID requests in apache access_log ?
can you give me a better idea how to accomplish this ?
thanks (2 Replies)
Discussion started by: linuxgeek
2 Replies
3. Shell Programming and Scripting
I'm trying to write a Perl script where a file from a UNIX server box connects to a Windows server box and copies that file into the Window box.
The main problem I have right now is that whenever I try to connect to the Windows box, the connection is refused.
The error message that always pops... (2 Replies)
Discussion started by: kooshi
2 Replies
4. Programming
I have a Perl script that worked fine before moving it to justhost.com. It was on a Windows/Apache server. Just host is using UNIX. Other Perl scripts on other sites that were also moved work fine so I know Perl is functioning.
The script is called cwrmail.pl and is located in my cgi-bin.
When I... (9 Replies)
Discussion started by: BigBobbyB
9 Replies
5. AIX
Hi,
I can't seem to find the apache logs in my system. Can anyone assist me on finding them?
This was done with a RPM install. I've checked everywhere and even tried a find command with key names like httpd and apache. and i've come up with nothing except my conf files. (2 Replies)
Discussion started by: vpundit
2 Replies
6. Linux
I found a script for automatically push tomcat logs to syslog server which is locate in same server. How do I change it to push logs to remote server?
log4j.rootLogger=INFO, WARN, console, file, SYSLOG
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.append=true... (2 Replies)
Discussion started by: heshandh
2 Replies
LEARN ABOUT XFREE86
syslog
SYSLOG(8) System Logging SYSLOG(8)
NAME
syslog-ng, syslogd
DESCRIPTION
There are different syslog daemon implementations supported as the system's syslog service, currently syslogd, syslog-ng and rsyslogd
The first installed daemon activates itself for the syslog service. Starting with openSUSE-11.2, it is rsyslogd, before it was syslog-ng.
But this depends on the software selection during the installation.
The name of the daemon used as syslog service is specified in the
SYSLOG_DAEMON variable in /etc/sysconfig/syslog.
The yast2 sysconfig module provides a comfortable way to switch to another installed daemon and restart the service.
The /etc/init.d/syslog init script is able to handle all supported daemons.
BUGS
Please report bugs at <http://www.suse.de/feedback>
AUTHOR
Juergen Weigert <jw@novell.com>
Marius Tomaschewski <mt@novell.com>
SEE ALSO
sysklogd(8) syslogd(8) syslog.conf(5) syslog-ng(8) syslog-ng.conf(5) rsyslogd(8) rsyslog.conf(5)
syslog May 2008 SYSLOG(8)