Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: syslog
Operating Systems Solaris syslog Post 302492050 by DukeNuke2 on Saturday 29th of January 2011 10:54:03 AM
Old 01-29-2011
ok, and this tells us what?
 

2 More Discussions You Might Find Interesting

1. Solaris

Which are the available entries to forward syslog in syslog.conf?

Hi Community Which are the available entries to forward syslog in syslog.conf i have put *.err;kern.debug;daemon.notice;mail.crit;user.alert;user.emerg;kern.notice;auth.notice;kern.warning @172.16.200.50 and it's not going through.giving error message like below: syslogd:... (2 Replies)
Discussion started by: bentech4u
2 Replies

2. AIX

Cannot send syslog event from AIX 6.1 to RHEL Syslog server

Hi everyone, I am trying to configure AIX 6.1 using syslogd to send syslog event to syslog server configured on RHEL. However, RHEL never receives the events. I have tried to redirect the syslog event on AIX to a local file and successful. Only forwarding to remote server fails. Firewall... (10 Replies)
Discussion started by: michael_hoang
10 Replies

LEARN ABOUT CENTOS

audisp-remote

AUDISP-REMOTE:(8)					  System Administration Utilities					 AUDISP-REMOTE:(8)

NAME

       audisp-remote - plugin for remote logging

SYNOPSIS

       audisp-remote

DESCRIPTION

       audisp-remote is a plugin for the audit event dispatcher daemon, audispd, that preforms remote logging to an aggregate logging server.

TIPS

       If  you	are  aggregating  multiple  machines,  you should enable node information in the audit event stream. You can do this in one of two
       places. If you want computer node names written to disk as well as sent in the realtime	event  stream,	edit  the  name_format	option	in
       /etc/audit/auditd.conf.	If you only want the node names in the realtime event stream, then edit the name_format option in /etc/audisp/aud-
       ispd.conf. Do not enable both as it will put 2 node fields in the event stream.

SIGNALS

       SIGUSR1
	      Causes the audisp-remote program to write the value of some of its internal flags to syslog. The suspend flag tells whether  or  not
	      logging  has  been  suspended.  The  transport_ok  flag  tells  whether  or  not the connection to the remote server is healthy. The
	      queue_size tells how many records are enqueued to be sent to the remote server.

       SIGUSR2
	      Causes the audisp-remote program to resume logging if it were suspended due to an error.

FILES

       /etc/audisp/plugins.d/au-remote.conf, /etc/audit/auditd.conf, /etc/audisp/audispd.conf, /etc/audisp/audisp-remote.conf

SEE ALSO

       audispd(8), auditd.conf(8), audispd.conf(8), audisp-remote.conf(5).

AUTHOR

       Steve Grubb

Red Hat 							     Apr 2011							 AUDISP-REMOTE:(8)
All times are GMT -4. The time now is 02:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy