Basically, on each individual server, the only active line you need is
You do the filtering/splitting on the the receiving server. If you match the message multiple times, you will record it multiple times. Do you have an example of the duplicated messages? If they are in different files, then remember that you are usually recording messages that are of the specified level and above, e.g. *.info will also pick up *.warn messages. You can specifically exclude hight levels, if that's what you want.
I would suggest using a DNS address in case you want to move your central syslog server, however some people worry that this requires the address to resolve as the rsyslogd starts, so I know that many people use a plain IP address.
Hi,
I want to log-in to a remote server using shell script.
The server requires the following while allowing a connection:
username
password
one - letter authorisation.
How can i implement this in my script?
thanks,
abey (6 Replies)
Hi,
I have Sun One Application server installed on 2 Solaris servers. Currently I am getting their logs in relative server. I am using log4j for logging. Now I want to change this. I want such that I should get both S1AS's log on third server with log4j. How can I do that ?
I got one idea... (0 Replies)
Hi,
I wonder if anyone is able to assist me.
I have a HP UX server and some HP UX workstations that has been migrated from another network. I have changed the IP Addresses and everything seems to be working fine.
However, the users are complaining that they are unable to login to the UX... (1 Reply)
Dear All,
Could I change password while login in to ftp server(solaris 10)? I tried to use fileZilla and command prompt(window) to change my password but It can't. Do you have any suggestion ?
Ps. I can't telnet and ssh to the server because of poicy for ftpuser.
Thank in advance (3 Replies)
Hi, I bought a linux server, and actually all I can do now is enter through the SSH, This is my first time buying a server. When I bought a VPS before I could enter through remote desktop control, how can I do that on the server ? I need a little explanation because I am little short on info here... (1 Reply)
Hello everybody,
I have one small issue... :(
When i'm trying to connect another unix box through below script..
#!/usr/bin/bash
ssh $1 <<EOF
Commands
.
.
exit
EOF
But getting some syntax error "-sh: syntax error at line 2: `end of file' unexpected". I used to use... (2 Replies)
hi all,
I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server.
for eg :
I tried with below script ,but cant get the desired o/p. please help with this
for i in `cat serverlist`
do
echo $i
ssh $i uname -a ;
cat... (4 Replies)
When unlocking a Linux server's console there's no event indicating successful logging
Is there a way I can fix this ?
I have the following in my rsyslog.conf
auth.info /var/log/secure
authpriv.info /var/log/secure (1 Reply)
I have been logging to 100 server everyday to test if I can login to the server.
I created a script to ssh-copy-id to every host so next time it will be password less. Now it keeps prompting me
Are you sure you want to continue connecting (yes/no)? yes
This is normal for first time login.... (2 Replies)
Discussion started by: invinzin21
2 Replies
LEARN ABOUT OSF1
syslog_evm.conf
syslog_evm.conf(4) Kernel Interfaces Manual syslog_evm.conf(4)NAME
syslog_evm.conf - EVM syslog subscription configuration file
SYNOPSIS
facility.priority
DESCRIPTION
The syslog_evm.conf file is a text file that specifies what syslog messages will be forwarded from the syslog daemon to the Event Manager,
EVM,in the form of EVM events. Those syslog messages are posted to the EVM daemon evmd by syslogd if the syslogd forwarding function is
turned on with the -e flag. Events are posted with the EVM name of sys.unix.syslog.facility-name.
This configuration file is read every time syslogd starts, or is restarted by a SIGHUP signal. If the file does not exist, or if it exists
but contains no subscription lines, no syslog messages will be posted to EVM.
Each line in the file controls the forwarding of one syslog event. Lines beginning with the # character are considered comments and are
ignored. Only one subscription per line is permitted. Mixing a subscription and a comment on the same line is not allowed.
Each line has the format facility.priority[+]. Specifies the part of the system that generated the message. Legal values are the follow-
ing: All messages. Messages generated by the kernel. Messages generated by user processes. Messages generated by the mail system. Mes-
sages generated by system daemons. Messages generated by the authorization system. Messages generated internal to the syslog system.
Messages generated by the line printer spooling system. Messages generated by the system news command. Messages generated by the UNIX to
UNIX copy system. Messages generated by the system clock daemon. Messages generated by remote file systems. Available for local use.
Indicates the priority of the message. If the priority is followed by a + character, events which are of the specified priority or higher
are forwarded; otherwise only events which exactly match the priority are forwarded.
The priority level must be one of the following: Forward messages of any priority. Forward messages of emergency priority. Forward
messages of alert priority. Forward messages of critical priority. Forward messages of error priority. Forward messages of warn-
ing priority. Forward messages of notice priority. Forward messages of information priority. Forward messages of debug priority.
EXAMPLES
This example causes syslogd to forward events to EVM as follows: All messages of emergency priority are forwarded. All messages generated
in the kernel which have a priority of info or greater are forwarded. All messages generated by users, by the mail subsystem or by the
system daemons which have a priority of info or greater are forwarded.
*.emerg kern.info+ user.notice+ mail.notice+ daemon.notice+
FILES
Location of the system logger configuration file. Location of the EVM syslog subscription configuration file. Location of the EVM logger
configuration file.
SEE ALSO
Commands: evmd(8), evmlogger(8), syslog(1), syslogd(8)
Routines: syslog(3)
Event Management: EVM(5)
delim off
syslog_evm.conf(4)