Re: How i can to collect all logs of unix server ?

Mousa55 · ‎12-26-2010

Hi All,

I am installing RHEL 5.5 to be a syslog server to collects logs from servers (HP-UX, Linux, Windows and Cisco Network Devices).
and i can now collect logs from my windows PC on syslog linux server by using Datagram SyslogAgent software. but still i need your help to i can collect logs from HP-UX 11.23 server. and i configuring the Unix server as in the steps below:
====================================
1. Log in as root

2. Go to /etc/syslog.conf

3. Add a line: *.*@

*.* @10.15.1.5

4. Save and Close

# netstat -na | grep 514

tcp 0 0 *.514 *.* LISTEN
udp 0 0 *.514 *.*

5. Go to the /etc/hosts file (in case DNS is not configured or temporarily down)

Enter a line: Name

10.15.1.5 syslog

10. Now execute the following commands

/sbin/init.d/syslogd stop
syslogd -v
kill -HUP `cat /etc/syslog.pid`
/sbin/init.d/syslogd start
====================================
And only i see these logs when i try to telnet to syslog server from unix server

# telnet 10.15.1.5

"Dec 26 13:12:41 syslog xinetd[3186]: START: telnet pid=11657 from=10.8.1.69
Dec 26 13:12:44 syslog xinetd[3186]: EXIT: telnet status=0 pid=11657 duration=3(sec)"

How i can to collect all logs of unix server ?

Thanks

Stephan._1 · ‎12-26-2010

Hi,
try changing

*.* @10.15.1.5

to

*.debug@10.15.1.5

For the restart process

kill -HUP `cat /etc/syslog.pid`

is enough, it will reread it's configuration.

hth
Stephan

Share what you know, learn what you don't.

Mousa55 · ‎12-26-2010

Hi All,

Thanks Stephan, it is working now.

but how i can separate HP-UX logs about a windows server logs and about Cisco devices logs. I.e. each logs on path individually on Linux syslog server.

Very Thanks

Stephan._1 · ‎12-27-2010

Hi Nejad,
you need to configure it on your syslogd server.

I have no glue about Red Hat but on FreeBSD you need the following:

On the syslogd server - add for every client

+logclient.example.com
*.* /var/log/logclient.log

to /etc/syslog.conf.

Create the file (f.e. touch /var/log/logclient.log)

Restart syslog daemon.

Check the man page for right syntax on Red Hat.

hth
Stephan

Share what you know, learn what you don't.

Dennis Handly · ‎12-27-2010

Your corresponding Linux thread:
http://forums.itrc.hp.com/service/forums/questionanswer.do?threadId=1461727

Mousa55 · ‎12-27-2010

Thanks i can now collect logs from all server

Re: How i can to collect all logs of unix server ?

How i can to collect all logs of unix server ?