System Administration

Re: script required to collect syslog

 
SOLVED
Go to solution
Gurumanickam
Frequent Advisor

script required to collect syslog

hi all,

I have 20 hp-ux box in our data center, daily im checking the syslog manually log in to all the system. is there any script available to collect the syslog from all the system and display it on the system where i execute the script.

Regards

Guru
Be an expert
7 REPLIES 7
Torsten.
Acclaimed Contributor

Re: script required to collect syslog

Hi,

there are several options: servers can send the syslog mssages to another server directly.
You can even collect the files from the servers using commands like scp or rcp.

Have a look at "man scp".

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
Rasheed Tamton
Honored Contributor
Solution

Re: script required to collect syslog

Hi Guru,

man syslogd

A host name preceded by an @ character. Selected messages are forwarded to the syslogd on the named host.

You can send syslog file on all the servers to a logserver (@hostname). The entry should be added on /etc/syslog.conf on all the servers.

Look for the @hostname option on /etc/syslog.conf

*.* @hostname
restart syslogd

After that you can grep the syslog for errors and mail it to you.

grep -Ei "err|warn|panic|crit" syslog.log

Regards,
Rasheed Tamton



Alan Meyer_4
Respected Contributor

Re: script required to collect syslog

Attached is a script I run out of cron that loops through all servers and collects the syslog entries since the day before at midnight.


It utilizes caljd.sh to calculate yesterday. It also takes entries from a file(grep.string) to create a text string which I do not want reports about and then emails the report to my email address.
" I may not be certified, but I am certifiable... "
Murilo vitorino
New Member

Re: script required to collect syslog

Alan,

Could you send / attach CALJD script?


Regards,

Murilo.
Tim Nelson
Honored Contributor

Re: script required to collect syslog

And to email any syslog.log changes since last run. (schedule in cron at your preference)

Includes warning if syslog has had lines removed ( i.e. file is smaller than last run)

Also requires an ignore file to filter out what ever you wish.

Review for ideas or modify for your environment.

Cheers.

Kenan Erdey
Honored Contributor

Re: script required to collect syslog

Hi

sending logs to a logserver on the fly as mentioned before, also keeps logs from unexpected reboot and deleting logs of unauthorized people. you can also keep windows event logs here. there is a tool written in .net to do it. Then you can store logs in mysql with a tool php syslog-ng. So you can do advance search in logs.

Kenan.
Computers have lots of memory but no imagination
Mustafa Gulercan
Respected Contributor

Re: script required to collect syslog

hi;
you may use syslog server, syslog-ng.
It extends the original syslogd model with content-based filtering, flexible configuration options and adds important features to syslog, like using TCP for transport.
default it uses 514 UDP port.
you can log whatever you want to the logserver.

regards,
mustafa