Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Requesting help to understand rsyslog logging server configuration
Operating Systems Linux Requesting help to understand rsyslog logging server configuration Post 302989978 by rbatte1 on Friday 20th of January 2017 06:57:24 AM
Old 01-20-2017
Basically, on each individual server, the only active line you need is
Code:
*.*       @syslog.my.company.server

You do the filtering/splitting on the the receiving server. If you match the message multiple times, you will record it multiple times. Do you have an example of the duplicated messages? If they are in different files, then remember that you are usually recording messages that are of the specified level and above, e.g. *.info will also pick up *.warn messages. You can specifically exclude hight levels, if that's what you want.

This link is useful. Sending Messages to a Remote Syslog Server

I would suggest using a DNS address in case you want to move your central syslog server, however some people worry that this requires the address to resolve as the rsyslogd starts, so I know that many people use a plain IP address.


I hope that this helps,
Robin
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

logging to remote server

Hi, I want to log-in to a remote server using shell script. The server requires the following while allowing a connection: username password one - letter authorisation. How can i implement this in my script? thanks, abey (6 Replies)
Discussion started by: abey
6 Replies

2. Solaris

How to implement Centralized logging server

Hi, I have Sun One Application server installed on 2 Solaris servers. Currently I am getting their logs in relative server. I am using log4j for logging. Now I want to change this. I want such that I should get both S1AS's log on third server with log4j. How can I do that ? I got one idea... (0 Replies)
Discussion started by: neel.gurjar
0 Replies

3. HP-UX

Issue with user logging in to HP UX Server

Hi, I wonder if anyone is able to assist me. I have a HP UX server and some HP UX workstations that has been migrated from another network. I have changed the IP Addresses and everything seems to be working fine. However, the users are complaining that they are unable to login to the UX... (1 Reply)
Discussion started by: michaelgim
1 Replies

4. Solaris

How to change pwd during logging on ftp server?

Dear All, Could I change password while login in to ftp server(solaris 10)? I tried to use fileZilla and command prompt(window) to change my password but It can't. Do you have any suggestion ? Ps. I can't telnet and ssh to the server because of poicy for ftpuser. Thank in advance (3 Replies)
Discussion started by: unitipon
3 Replies

5. Linux

Bought a New linux server, need help logging in

Hi, I bought a linux server, and actually all I can do now is enter through the SSH, This is my first time buying a server. When I bought a VPS before I could enter through remote desktop control, how can I do that on the server ? I need a little explanation because I am little short on info here... (1 Reply)
Discussion started by: Thehunterman
1 Replies

6. Shell Programming and Scripting

logging into another server through script

Hello everybody, I have one small issue... :( When i'm trying to connect another unix box through below script.. #!/usr/bin/bash ssh $1 <<EOF Commands . . exit EOF But getting some syntax error "-sh: syntax error at line 2: `end of file' unexpected". I used to use... (2 Replies)
Discussion started by: raghu.iv85
2 Replies

7. Shell Programming and Scripting

logging into server and excute commands

hi all, I am new to unix and unix scipting. i need a script to logging into servers and to excute some commands in each server. for eg : I tried with below script ,but cant get the desired o/p. please help with this for i in `cat serverlist` do echo $i ssh $i uname -a ; cat... (4 Replies)
Discussion started by: sudharson
4 Replies

8. Linux

Syslog not logging successful logging while unlocking server's console

When unlocking a Linux server's console there's no event indicating successful logging Is there a way I can fix this ? I have the following in my rsyslog.conf auth.info /var/log/secure authpriv.info /var/log/secure (1 Reply)
Discussion started by: walterthered
1 Replies

9. UNIX and Linux Applications

Logging to server to get etc/passwd file of all 300 server

i am new to scripting ,i need bash script in jump server to pull the /etc/passwd of all servers and the ssh keys are installed (3 Replies)
Discussion started by: profiles
3 Replies

10. Shell Programming and Scripting

Logging in to 100 server to test my account

I have been logging to 100 server everyday to test if I can login to the server. I created a script to ssh-copy-id to every host so next time it will be password less. Now it keeps prompting me Are you sure you want to continue connecting (yes/no)? yes This is normal for first time login.... (2 Replies)
Discussion started by: invinzin21
2 Replies

LEARN ABOUT OSF1

syslog_evm.conf

syslog_evm.conf(4)					     Kernel Interfaces Manual						syslog_evm.conf(4)

NAME

       syslog_evm.conf - EVM syslog subscription configuration file

SYNOPSIS

       facility.priority

DESCRIPTION

       The  syslog_evm.conf file is a text file that specifies what syslog messages will be forwarded from the syslog daemon to the Event Manager,
       EVM,in the form of EVM events.  Those syslog messages are posted to the EVM daemon evmd by syslogd if the syslogd  forwarding  function	is
       turned on with the -e flag.  Events are posted with the EVM name of sys.unix.syslog.facility-name.

       This configuration file is read every time syslogd starts, or is restarted by a SIGHUP signal.  If the file does not exist, or if it exists
       but contains no subscription lines, no syslog messages will be posted to EVM.

       Each line in the file controls the forwarding of one syslog event.  Lines beginning with the # character are considered	comments  and  are
       ignored.  Only one subscription per line is permitted.  Mixing a subscription and a comment on the same line is not allowed.

       Each  line has the format facility.priority[+].	Specifies the part of the system that generated the message.  Legal values are the follow-
       ing: All messages.  Messages generated by the kernel.  Messages generated by user processes.  Messages generated by the mail system.   Mes-
       sages  generated  by  system  daemons.	Messages generated by the authorization system.  Messages generated internal to the syslog system.
       Messages generated by the line printer spooling system.	Messages generated by the system news command.	Messages generated by the UNIX	to
       UNIX  copy  system.   Messages  generated by the system clock daemon.  Messages generated by remote file systems.  Available for local use.
       Indicates the priority of the message.  If the priority is followed by a + character, events which are of the specified priority or  higher
       are forwarded; otherwise only events which exactly match the priority are forwarded.

	      The priority level must be one of the following: Forward messages of any priority.  Forward messages of emergency priority.  Forward
	      messages of alert priority.  Forward messages of critical priority.  Forward messages of error priority.	Forward messages of  warn-
	      ing priority.  Forward messages of notice priority.  Forward messages of information priority.  Forward messages of debug priority.

EXAMPLES

       This  example causes syslogd to forward events to EVM as follows: All messages of emergency priority are forwarded.  All messages generated
       in the kernel which have a priority of info or greater are forwarded.  All messages generated by users, by the mail  subsystem  or  by  the
       system daemons which have a priority of info or greater are forwarded.

       *.emerg kern.info+ user.notice+ mail.notice+ daemon.notice+

FILES

       Location  of the system logger configuration file.  Location of the EVM syslog subscription configuration file.	Location of the EVM logger
       configuration file.

SEE ALSO

       Commands: evmd(8), evmlogger(8), syslog(1), syslogd(8)

       Routines: syslog(3)

       Event Management: EVM(5)
       delim off

																syslog_evm.conf(4)
All times are GMT -4. The time now is 02:57 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy