Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Requesting help to understand rsyslog logging server configuration
Operating Systems Linux Requesting help to understand rsyslog logging server configuration Post 302989978 by rbatte1 on Friday 20th of January 2017 06:57:24 AM
Old 01-20-2017
Basically, on each individual server, the only active line you need is
Code:
*.*       @syslog.my.company.server

You do the filtering/splitting on the the receiving server. If you match the message multiple times, you will record it multiple times. Do you have an example of the duplicated messages? If they are in different files, then remember that you are usually recording messages that are of the specified level and above, e.g. *.info will also pick up *.warn messages. You can specifically exclude hight levels, if that's what you want.

This link is useful. Sending Messages to a Remote Syslog Server

I would suggest using a DNS address in case you want to move your central syslog server, however some people worry that this requires the address to resolve as the rsyslogd starts, so I know that many people use a plain IP address.


I hope that this helps,
Robin
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

logging to remote server

Hi, I want to log-in to a remote server using shell script. The server requires the following while allowing a connection: username password one - letter authorisation. How can i implement this in my script? thanks, abey (6 Replies)
Discussion started by: abey
6 Replies

2. Solaris

How to implement Centralized logging server

Hi, I have Sun One Application server installed on 2 Solaris servers. Currently I am getting their logs in relative server. I am using log4j for logging. Now I want to change this. I want such that I should get both S1AS's log on third server with log4j. How can I do that ? I got one idea... (0 Replies)
Discussion started by: neel.gurjar
0 Replies

3. HP-UX

Issue with user logging in to HP UX Server

Hi, I wonder if anyone is able to assist me. I have a HP UX server and some HP UX workstations that has been migrated from another network. I have changed the IP Addresses and everything seems to be working fine. However, the users are complaining that they are unable to login to the UX... (1 Reply)
Discussion started by: michaelgim
1 Replies

4. Solaris

How to change pwd during logging on ftp server?

Dear All, Could I change password while login in to ftp server(solaris 10)? I tried to use fileZilla and command prompt(window) to change my password but It can't. Do you have any suggestion ? Ps. I can't telnet and ssh to the server because of poicy for ftpuser. Thank in advance (3 Replies)
Discussion started by: unitipon
3 Replies

5. Linux

Bought a New linux server, need help logging in

Hi, I bought a linux server, and actually all I can do now is enter through the SSH, This is my first time buying a server. When I bought a VPS before I could enter through remote desktop control, how can I do that on the server ? I need a little explanation because I am little short on info here... (1 Reply)
Discussion started by: Thehunterman
1 Replies

6. Shell Programming and Scripting

logging into another server through script

Hello everybody, I have one small issue... :( When i'm trying to connect another unix box through below script.. #!/usr/bin/bash ssh $1 <<EOF Commands . . exit EOF But getting some syntax error "-sh: syntax error at line 2: `end of file' unexpected". I used to use... (2 Replies)
Discussion started by: raghu.iv85
2 Replies

7. Shell Programming and Scripting

logging into server and excute commands

hi all, I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server. for eg : I tried with below script ,but cant get the desired o/p. please help with this for i in `cat serverlist` do echo $i ssh $i uname -a ; cat... (4 Replies)
Discussion started by: sudharson
4 Replies

8. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

9. UNIX and Linux Applications

Logging to server to get etc/passwd file of all 300 server

i am new to scripting ,i need bash script in jump server to pull the /etc/passwd of all servers and the ssh keys are installed (3 Replies)
Discussion started by: profiles
3 Replies

10. Shell Programming and Scripting

Logging in to 100 server to test my account

I have been logging to 100 server everyday to test if I can login to the server. I created a script to ssh-copy-id to every host so next time it will be password less. Now it keeps prompting me Are you sure you want to continue connecting (yes/no)? yes This is normal for first time login.... (2 Replies)
Discussion started by: invinzin21
2 Replies

LEARN ABOUT OSF1

syslog.auth

syslog.auth(4)						     Kernel Interfaces Manual						    syslog.auth(4)

NAME

       syslog.auth -  authorization file for accepting remote syslog messages

SYNOPSIS

       # format:  Each fully qualified host name on a separate line hostname.domain_name

DESCRIPTION

       The /etc/syslog.auth file specifies which remote hosts are allowed to forward syslog messages to the local host.  For the sake of security,
       only messages coming from remote hosts listed in the local /etc/syslog.auth file will be logged by the syslogd daemon.

       If the /etc/syslog.auth file does not exist, then messages coming from any host will be accepted.

       Each remote host name should appear in a separate line in /etc/syslog.auth. A line started with the # character is considered as a  comment
       and is thus ignored.

       A  host	name  must be a complete domain name such as trout.zk3.dec.com. If a domain host name is given, it must either appear in the local
       /etc/hosts file or be able to be resolved by the local name server (BIND).

       Note that a host name can have at most as many characters as defined by the  MAXHOSTNAMELEN constant in <sys/param.h>, although	each  line
       in the /etc/syslog.auth file can have up to 512 characters.

       The /etc/syslog.auth file must be owned by root and has a permission of 0600.

       To invoke a new version of the /etc/syslog.auth file, run the following command (as the super user) to initialize the  syslogd daemon: kill
       -HUP `cat /var/run/syslog.pid`

EXAMPLES

       The  following  example	provides  a  typical  authorization  file:  #  format:	 Each  fully  qualified  host  name  on  a  separate  line
       c3poid.rvo.dec.com r2d2id.ckt.dec.com

FILES

       Location of the authorization file.

RELATED INFORMATION

       Commands: syslogd(8), syslog(1)

       System Administration delim off

																    syslog.auth(4)
All times are GMT -4. The time now is 06:56 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy