HPE Community
Operating System - HP-UX
1826312 Members
4372 Online
109692 Solutions
New Discussion

Re: Logging to a syslog server

 
Gus Mestousis
Frequent Advisor

‎08-31-2004 08:49 AM

‎08-31-2004 08:49 AM

Logging to a syslog server

What would the proper syntax in the syslog.conf file be if I wanted to do the following:

Log all messages from serverA to serverB, but have the files go to the file /var/adm/syslog/serverA.syslog.log on serverB?

I realize that I have to use tabs in the syslog file, and that to send to an alternate server I should use the @serverB, but how do I send it to the particular file on serverB?

Does anything have to be done on serverB to allow it to receive the messages from serverA?
Thanks!
Sure, let me just drop everything and work on your problem.
0 Kudos
Reply
2 REPLIES 2
Sridhar Bhaskarla
Honored Contributor

‎08-31-2004 08:56 AM

‎08-31-2004 08:56 AM

Re: Logging to a syslog server

Hi Gus,

You can configure the log files for the messages based on the facility (like *.emerg, *.info etc,) but not based on the host they are coming from. They will be logged into the syslog file that you have specified in your syslog.conf on serverB. However, these messages will appear in the syslog.log of serverB with the hostname serverA, so you can be able to easily seperate them out during the analysis.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Sundar_7
Honored Contributor

‎08-31-2004 09:00 AM

‎08-31-2004 09:00 AM

Re: Logging to a syslog server

Gus,

Initally I thought this is going to be very straightforward. One complication is that, I dont believe there is anyway ServerB can distinguish between the syslog messages from ServerA and log in to a different file than /var/adm/syslog.log

I can outline steps involved, but need to figure out how to route ALL the messages from ServerA to a specific file on ServerB.

On ServerA

# vi /etc/syslog.conf
local4.notice @serverB
#

# ps -ef | grep syslogd
# kill -1

On ServerB

# vi /etc/syslog.conf
local4.notice /var/adm/syslog/serverA.syslog.log
#

# kill -1 `cat /var/run/syslogd.pid`

From ServerA

# logger -t local4.notice "Hi ! this is a test"

Now check the file in ServerB.

There is no more steps involved apart from the ones I have mentioned above except in case of firewall-ed hosts. You need to enable 514/TCP for the syslog communication between the hosts.

- Sundar
Learn What to do ,How to do and more importantly When to do ?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.