HPE Community
Operating System - HP-UX
1821836 Members
3488 Online
109638 Solutions
New Discussion юеВ

How to send a syslog to a MOM server PART-2

 
SOLVED
Go to solution
Claude Lanouette_1
Advisor

тАО09-15-2006 02:08 AM

тАО09-15-2006 02:08 AM

How to send a syslog to a MOM server PART-2

Hi,

I would like to config a syslog to send to a MOM server the syslog.log.
How should I do?

First i modify the syslog.conf to add the new MOM server (See Below).
Restart syslodd deamon
I dont recive any log on my new MOM server from the UDP 514 port.

# @(#)B11.23_LR
# syslogd configuration file.
# See syslogd(1M) for information about the format of this file.
#
# The new MOM server
*.emerg;*.alert;*.info @192.168.26.20
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *
#*.emerg;*.alert;*.info;mail.!*;!security.info /var/adm/testpage
#
# I add this new line and sill dont working.
*.debug @192.168.26.20


And i v├Г┬йrify the configuration with the "How to Configure MOM to Monitor and Collect UNIX Syslogs":
http://support.microsoft.com/default.aspx?scid=kb;en-us;297443 on the MOM server and is all ready working with
a orther server.

The security man said he din't see any activity on the firewall.

It is possible the problem comme from because the server was not patched (is fresh install) 11i v2.23 see the inventory.xml attachement.


Tanks.

Claude
0 Kudos
5 REPLIES 5
spex
Honored Contributor

тАО09-15-2006 03:38 AM

тАО09-15-2006 03:38 AM

Re: How to send a syslog to a MOM server PART-2

Claude,

First of all, if syslog.conf contains "*.debug @192.168.26.20" then you don't need "*.emerg;*.alert;*.info @192.168.26.20".

Recommended troubleshooting steps:

1) Install netcat on your workstation. Netcat is available for Windows, Linux, and many other platforms.

2) Add "*.debug @" to /etc/syslog.conf.

3) Restart syslogd:

# kill -HUP $(cat /var/run/syslog.pid)

4) Make netcat listen on 514/udp. From your workstation:

C:\> nc -l -u -p 514

5) From HP-UX:

# echo "test" > /dev/log

If the message displays on your workstation, you know that /etc/syslog.conf is formatted correctly, and that syslogd can send to a remote host, and that your server can reach your workstation.

Now conduct a similar test on your MOM box.

PCS
0 Kudos
Claude Lanouette_1
Advisor

тАО09-15-2006 06:06 AM

тАО09-15-2006 06:06 AM

Re: How to send a syslog to a MOM server PART-2

Hi,

I did all config on HP-UX and wen i resart syslogd i have this message:
unknown facility name "@192": No such device or address
but i recive the echo "test" > /dev/log in the /var/adm/syslog/syslog.log

Tank.

Claude
0 Kudos
Kofi ARTHIABAH
Honored Contributor

тАО09-15-2006 06:21 AM

тАО09-15-2006 06:21 AM

Solution

Re: How to send a syslog to a MOM server PART-2

Claude:

I believe there has to be a TAB not space between the alert level and the destination - are you using TABs?

HTH
Kofi
nothing wrong with me that a few lines of code cannot fix!
0 Kudos
Kofi ARTHIABAH
Honored Contributor

тАО09-15-2006 06:25 AM

тАО09-15-2006 06:25 AM

Re: How to send a syslog to a MOM server PART-2

Sorry - pushed the submit button rather than preview button, it should look like this:

*.emerg;*.alert;*.info [TAB] @192.168.26.20
nothing wrong with me that a few lines of code cannot fix!
0 Kudos
Claude Lanouette_1
Advisor

тАО09-15-2006 06:51 AM

тАО09-15-2006 06:51 AM

Re: How to send a syslog to a MOM server PART-2

Tanks all...
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.