Basically, on each individual server, the only active line you need is
You do the filtering/splitting on the the receiving server. If you match the message multiple times, you will record it multiple times. Do you have an example of the duplicated messages? If they are in different files, then remember that you are usually recording messages that are of the specified level and above, e.g. *.info will also pick up *.warn messages. You can specifically exclude hight levels, if that's what you want.
I would suggest using a DNS address in case you want to move your central syslog server, however some people worry that this requires the address to resolve as the rsyslogd starts, so I know that many people use a plain IP address.
Hi,
I want to log-in to a remote server using shell script.
The server requires the following while allowing a connection:
username
password
one - letter authorisation.
How can i implement this in my script?
thanks,
abey (6 Replies)
Hi,
I have Sun One Application server installed on 2 Solaris servers. Currently I am getting their logs in relative server. I am using log4j for logging. Now I want to change this. I want such that I should get both S1AS's log on third server with log4j. How can I do that ?
I got one idea... (0 Replies)
Hi,
I wonder if anyone is able to assist me.
I have a HP UX server and some HP UX workstations that has been migrated from another network. I have changed the IP Addresses and everything seems to be working fine.
However, the users are complaining that they are unable to login to the UX... (1 Reply)
Dear All,
Could I change password while login in to ftp server(solaris 10)? I tried to use fileZilla and command prompt(window) to change my password but It can't. Do you have any suggestion ?
Ps. I can't telnet and ssh to the server because of poicy for ftpuser.
Thank in advance (3 Replies)
Hi, I bought a linux server, and actually all I can do now is enter through the SSH, This is my first time buying a server. When I bought a VPS before I could enter through remote desktop control, how can I do that on the server ? I need a little explanation because I am little short on info here... (1 Reply)
Hello everybody,
I have one small issue... :(
When i'm trying to connect another unix box through below script..
#!/usr/bin/bash
ssh $1 <<EOF
Commands
.
.
exit
EOF
But getting some syntax error "-sh: syntax error at line 2: `end of file' unexpected". I used to use... (2 Replies)
hi all,
I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server.
for eg :
I tried with below script ,but cant get the desired o/p. please help with this
for i in `cat serverlist`
do
echo $i
ssh $i uname -a ;
cat... (4 Replies)
When unlocking a Linux server's console there's no event indicating successful logging
Is there a way I can fix this ?
I have the following in my rsyslog.conf
auth.info /var/log/secure
authpriv.info /var/log/secure (1 Reply)
I have been logging to 100 server everyday to test if I can login to the server.
I created a script to ssh-copy-id to every host so next time it will be password less. Now it keeps prompting me
Are you sure you want to continue connecting (yes/no)? yes
This is normal for first time login.... (2 Replies)
Discussion started by: invinzin21
2 Replies
LEARN ABOUT OSF1
syslog.auth
syslog.auth(4) Kernel Interfaces Manual syslog.auth(4)NAME
syslog.auth - authorization file for accepting remote syslog messages
SYNOPSIS
# format: Each fully qualified host name on a separate line hostname.domain_name
DESCRIPTION
The /etc/syslog.auth file specifies which remote hosts are allowed to forward syslog messages to the local host. For the sake of security,
only messages coming from remote hosts listed in the local /etc/syslog.auth file will be logged by the syslogd daemon.
If the /etc/syslog.auth file does not exist, then messages coming from any host will be accepted.
Each remote host name should appear in a separate line in /etc/syslog.auth. A line started with the # character is considered as a comment
and is thus ignored.
A host name must be a complete domain name such as trout.zk3.dec.com. If a domain host name is given, it must either appear in the local
/etc/hosts file or be able to be resolved by the local name server (BIND).
Note that a host name can have at most as many characters as defined by the MAXHOSTNAMELEN constant in <sys/param.h>, although each line
in the /etc/syslog.auth file can have up to 512 characters.
The /etc/syslog.auth file must be owned by root and has a permission of 0600.
To invoke a new version of the /etc/syslog.auth file, run the following command (as the super user) to initialize the syslogd daemon: kill
-HUP `cat /var/run/syslog.pid`
EXAMPLES
The following example provides a typical authorization file: # format: Each fully qualified host name on a separate line
c3poid.rvo.dec.com r2d2id.ckt.dec.com
FILES
Location of the authorization file.
RELATED INFORMATION
Commands: syslogd(8), syslog(1)
System Administration delim off
syslog.auth(4)