Full Discussion: Configuring syslog.conf
Post 302764121 by zazzybob on Thursday 31st of January 2013 02:49:30 AM
This will work, as long as the Windows syslog server windowshost is resolvable by DNS or /etc/hosts (or whatever naming services you're using) and the syslog server is listening on port 514/udp. Kiwi Syslog on Windows works fine for this, and I've used it many times previously.

BTW: Please use code tags to make your configuration/code/etc. more readable.
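
A pre-flight check for the two conditions named in the reply above, added here as an example and not part of the original post: it resolves the collector name the way syslogd would and sends one BSD-style test datagram to 514/udp. The function names and the `fwdtest` tag are assumptions made for this sketch.

```python
import socket
import time

# Facility and severity codes from RFC 3164 (subset of facilities).
FACILITIES = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4, "local0": 16}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}

def pri(selector):
    """Turn 'facility.severity' into the PRI number: facility * 8 + severity."""
    facility, severity = selector.split(".")
    return FACILITIES[facility] * 8 + SEVERITIES[severity]

def build_message(selector, text, tag="fwdtest", now=None):
    """Build one BSD-style datagram: <PRI>Mmm dd hh:mm:ss host tag: text."""
    t = time.localtime(now)
    stamp = f"{time.strftime('%b', t)} {t.tm_mday:2d} {time.strftime('%H:%M:%S', t)}"
    host = socket.gethostname().split(".")[0]
    return f"<{pri(selector)}>{stamp} {host} {tag}: {text}".encode("ascii", "replace")

def send_test(collector, port=514, selector="user.notice"):
    """Return None if the datagram was handed to the network, else an error string."""
    try:
        family, _, _, _, addr = socket.getaddrinfo(
            collector, port, type=socket.SOCK_DGRAM)[0]
    except socket.gaierror as exc:
        # Same lookup path syslogd depends on: DNS, /etc/hosts, or other name service.
        return f"cannot resolve {collector!r}: {exc}"
    with socket.socket(family, socket.SOCK_DGRAM) as sock:
        sock.sendto(build_message(selector, "syslog forwarding test"), addr)
    # UDP is unacknowledged: success here only means "sent". Confirm arrival
    # on the collector's own display.
    return None

if __name__ == "__main__":
    print(send_test("windowshost") or "sent; check the collector for the fwdtest line")
```

A `None` result does not prove the server is listening, because a dropped UDP datagram produces no error on the sender; the test line has to be seen on the collector.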
 

Syslog(3pm)                LogReport's Lire Documentation                Syslog(3pm)

NAME
       Lire::Syslog - syslog style lines parser

SYNOPSIS
           use Lire::Syslog;

           my $parser = new Lire::Syslog;

           my $rec = $parser->parse( $line );

DESCRIPTION
       This module defines objects able to parse logs coming from several flavours of logging daemon. It currently supports the following syslog file formats:

       Classic BSD syslog daemon
           The "classic" BSD syslog format:

               MMM DD HH:MM:SS Hostname Message

       Solaris 8 syslog daemon
           The Solaris 8 syslog daemon also includes the facility and level:

               MMM DD HH:MM:SS Hostname Process[Pid]: [ID DDDDDD Facility.Level] Message

       Netscape Messaging Server logging daemon
           The syslog daemon that comes with Netscape Messaging Server uses a date in common log format:

               [DD/MMM/YYYY:HH:MM:SS +ZZZZ] Hostname Process[Pid]: Facility Level: Message

       WebTrends syslog daemon
           The format used by the syslog daemon that comes with WebTrends:

               WTsyslog[YYYY-MM-DD HH:MM:SS ip=HOSTNAME pri=WT_PRIORITY] <XX>Message

       Kiwi Syslog (ISO date format)
           The ISO log file format used by the Kiwi Syslog daemon (http://www.kiwisyslog.com/info_sysd.htm), a logging daemon often encountered on Win32 platforms:

               YYYY-MM-DD HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Kiwi Syslog (US date format)
           The US date format used by the Kiwi Syslog daemon:

               MM-DD-YYYY HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Kiwi Syslog (DD-MM-YYYY date format)
           The DD-MM-YYYY date format used by the Kiwi Syslog daemon:

               DD-MM-YYYY HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Sendmail Switch logging daemon
           The format used by the logging daemon that comes with Sendmail Switch on Win32 platforms:

               MM/DD/YY HH:MM:SS Process(Pid): Level: Message

       RFC 3164-compliant Syslog daemon
           A format from RFC 3164-compliant Syslog daemons which includes the encoded priority and the year in the date. RFC 3164 defines the "BSD Syslog Protocol".

               <Priority>MMM DD YYYY HH:MM:SS: Process[Pid]: Message

       The first time the parse() method is used, the parser will try each of the supported formats to detect the syslog format. If no format matches, the module will call lr_err() and abort the program. Every subsequent parse() invocation will use the same format.

       The parse() method returns a hash reference which contains the following keys:

       timestamp
           The timestamp of the event.

       hostname
           The name or IP address of the host that sent the message.

       process
           The "process" that logged the event. Formally, the syslog message doesn't contain a process field, but it's usually the first word coming before a colon in the message's content.

       pid The PID of the process that logged the event. This is usually what is between [] in the process part of the message.

       identifier
           This key is only present when the log comes from a Solaris 8 syslog daemon. It contains the identifier that comes after ID in the message.

       facility
           The syslog facility (kern, mail, local0, etc.) of the message. This isn't supported in all file formats, so this key might be unavailable.

       level
           The syslog level (emerg, info, notice, etc.) of the message. This isn't supported in all file formats, so this key might be unavailable.

       content
           The actual syslog message (with the process and pid removed). Many network devices will also have another BSD-style timestamp at the beginning of the message. If present, it will also be removed.

USAGE
           package Lire::Foo;

           use base qw/ Lire::Syslog /;

           sub parse {
               my $self = shift;
               my $line = shift;

               # this runs parse from Lire::Syslog, setting keys like 'day', 'process'
               # and 'hostname'
               my $rec = $self->SUPER::parse($line);
               $rec->{'foo'} = dosomethingwith( $rec->{'content'} );
               return $rec
           }

       Now, one can run in a script

           my $parser = new Lire::Foo();

           while ( <> ) {
               chomp;
               # the line read by <> is in $_
               my $log = $parser->parse( $_ );
           }

       which sets $log->{'day'}, ... $log->{'process'} and $log->{'foo'}.

SEE ALSO
       Lire::Email(3)

AUTHORS
       Joost van Baal, Francis J. Lacoste. Initial idea by Joost Kooij

VERSION
       $Id: Syslog.pm,v 1.15 2006/07/23 13:16:30 vanbaal Exp $

COPYRIGHT
       Copyright (C) 2000-2002 Stichting LogReport Foundation LogReport@LogReport.org

       This file is part of Lire.

       Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with http://www.gnu.org/copyleft/gpl.html.

Lire 2.1.1                          2006-07-23                          Syslog(3pm)
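
The detect-once behaviour described in this manual page, sketched in Python as an added example (not Lire's code and not from the original page): three of the listed formats are tried most-specific first, and the first match is kept for every later line. The regular expressions, class name and sample lines are constructed for illustration; returning None for a later non-matching line is an assumption, since the page does not say what Lire does in that case.

```python
import re

# Constructed patterns for three of the listed formats. Order matters: a
# Solaris 8 line also matches the classic BSD pattern, so it is tried first.
_TS = r"(?P<timestamp>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d)"
_PROC = r"(?P<process>[^\s:\[\]]+)(?:\[(?P<pid>\d+)\])?: "
FORMATS = [
    ("solaris8", re.compile(
        _TS + r" (?P<hostname>\S+) " + _PROC +
        r"\[ID (?P<identifier>\d+) (?P<facility>\w+)\.(?P<level>\w+)\] (?P<content>.*)")),
    ("kiwi_iso", re.compile(
        r"(?P<timestamp>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\t(?P<facility>\w+)\.(?P<level>\w+)"
        r"\t(?P<hostname>\S+)\t(?P<content>.*)")),
    ("bsd", re.compile(
        _TS + r" (?P<hostname>\S+) (?:" + _PROC + r")?(?P<content>.*)")),
]

class SyslogParser:
    def __init__(self):
        self.format = None  # (name, regex), fixed by the first parsed line

    def parse(self, line):
        line = line.rstrip("\r\n")
        if self.format is None:
            for name, rx in FORMATS:
                if rx.match(line):
                    self.format = (name, rx)
                    break
            else:
                raise ValueError("no supported syslog format matches: %r" % line)
        m = self.format[1].match(line)
        if m is None:
            return None  # assumption: a line in another format is flagged, not guessed at
        # Keys a format does not carry (facility, level, identifier, pid) are omitted.
        return {k: v for k, v in m.groupdict().items() if v is not None}

# Constructed sample lines (192.0.2.7 is a documentation address).
SOLARIS_LINE = "Jan 31 02:49:30 srv01 sshd[411]: [ID 800047 auth.info] Failed password for root from 192.0.2.7"
BSD_LINE = "Jan 31 02:49:30 srv01 sshd[411]: Failed password for root from 192.0.2.7"
KIWI_LINE = "2013-01-31 02:49:30\tAuth.Info\tsrv01\tsshd[411]: Failed password for root from 192.0.2.7"

if __name__ == "__main__":
    p = SyslogParser()
    for sample in (SOLARIS_LINE, KIWI_LINE):
        print(p.format and p.format[0], p.parse(sample))
```

Because the format is fixed by the first line, a file that mixes formats (for example after the logging daemon was replaced) yields None for the later lines here, which is worth counting rather than silently dropping when the logs feed detection.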