
Syslog.conf entries

 
fg_1
Trusted Contributor

Syslog.conf entries

All

I am starting to try and consolidate
several files from each system onto
one server for consolidated reporting
purposes. Some of the questions I have
regarding the process are below:

1) With regards to the syslog.log
file, my goal is to take the
syslog.conf file on each system and
have it write to both the current system
and also to a localhost but I don't know
if that is possible. Below is a sample
of my syslog.conf file and a possible
entry that I can put there to make the
syslog entries go to localhost, just
not sure if it will work:

CURRENT SYSLOG.CONF file.

*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *

Possible Entry:

*.info;mail.none @mmdcux21.chsli.org

This would be an entry to get it to
localhost, but the goal here is to get
it to both the localhost and the
current system.

2) Dmesg: Currently dmesg is writing to
the /var/adm/messages file via a cronjob
that runs every 10 minutes (SEE BELOW):

1,11,21,31,41,51 * * * * /usr/sbin/dmesg - | uniq >> /var/adm/messages 2>&1

What I take from this is that it writes
only uniq messages to the /var/adm/messages
file, so I guess to get this over, I need
to figure a way to move each of the systems'
/var/adm/messages files to one system, and
then consolidate them into one file.

I know this is a long posting but it's very
important to me as I try to get a better
handle on things.

Thank you for your assist in advance.
6 REPLIES
Craig Rants
Honored Contributor

Re: Syslog.conf entries

Your entry for remote syslog should work. As far as the messages, you could create a script to label and date your messages files, then scp them to a central server that organizes them for better reporting. This is all very plausible.

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Darren Prior
Honored Contributor

Re: Syslog.conf entries

Hi Frank,

In answer to your 1st question, put both lines into the syslog.conf file, i.e.:

*.info;mail.none /var/adm/syslog/syslog.log
*.info;mail.none @mmdcux21.chsli.org
*.alert /dev/console
*.alert root
*.emerg *

Syslogs will be written to both the local syslog and sent to the other machine. See man syslogd(1M) for an example of this.

regards,

Darren.
Calm down. It's only ones and zeros...
fg_1
Trusted Contributor

Re: Syslog.conf entries

Darren

I tried that entry and it works, just had to restart the syslogd daemon. So at least that
part of it is settled.

I just am trying to figure out how to script
the FTP portion of the 2nd part of my msg
related to DMESG and /VAR/ADM/MESSAGES files
being brought over to a single system.

In theory I would have to run some kind of
mechanism that takes the /var/adm/messages
file on each system and copies it to a new
filename or the same filename with a .(uname)
at the end so that I can uniquely identify
each of the files.

Any help on #2 would be appreciated.

fg
fg_1
Trusted Contributor

Re: Syslog.conf entries

Oh also if any of you know a simple way to
take 20 different filenames and make them
into one long file, with some kind of separator between each system entry into that
one file let me know.

ty.
Craig Rants
Honored Contributor

Re: Syslog.conf entries

I am sure you could do this:
x=""
for i in `ls`
do
# braces are required: $i_ would be read as a variable named "i_"
x=${i}_$x
done

GL,
C
"In theory, there is no difference between theory and practice. But, in practice, there is. " Jan L.A. van de Snepscheut
Darren Prior
Honored Contributor
Solution

Re: Syslog.conf entries

Hi Frank,

If you want to concatenate a load of different message files in one directory into one file with a simple header how about something like:

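OUT=/tmp/messages_outfile
cat /dev/null >"$OUT"
# the directory name is missing from the post; the path below is a placeholder
# for the directory that holds the collected message files
cd /path/to/message/files || exit 1
for i in `ls`
do
echo "########" >>"$OUT"
echo "Contents of $i" >>"$OUT"
cat "$i" >>"$OUT"
done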

For the ftp'ing part you'll need to do something like this from your central system to each of the servers you want to collect from:

# HOSTNAME is a placeholder; the server name is missing from the post
/usr/bin/ftp -nv <<EOD
open HOSTNAME
user ftp ftp
cd /var/adm
get messages
quit
EOD

Things to remember if you use this method:

* The password is stored in the script file in plaintext

* You still need to move and rename the messages file

Hope this gives you some pointers.

regards,

Darren.
Calm down. It's only ones and zeros...
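
Added example, not part of the original thread or any poster's code: a shell function for the consolidation step discussed above, going one step beyond a bare separator by prefixing every line with its source hostname so entries stay attributable in the merged report. The messages.<hostname> naming convention, the merge_messages name and the sample data are assumptions.

```shell
#!/bin/sh
# Added example. Assumption: every collected file is named messages.<hostname>
# and OUT does not itself match DIR/messages.* (or it would be merged too).

# merge_messages DIR OUT: write all DIR/messages.<hostname> files to OUT and
# print the number of files merged.
merge_messages() {
    dir=$1
    out=$2
    [ -d "$dir" ] || { echo "merge_messages: not a directory: $dir" >&2; return 1; }
    : > "$out" || return 1
    count=0
    # A glob keeps odd file names intact; `ls` output would be word-split.
    for f in "$dir"/messages.*; do
        [ -f "$f" ] || continue        # unmatched glob or not a regular file
        host=${f##*/messages.}         # keep only the <hostname> suffix
        {
            echo "######## $host"
            # Tag every line so it stays attributable after grep or sort.
            awk -v h="$host" '{ print h ": " $0 }' "$f"
        } >> "$out"
        count=$((count + 1))
    done
    [ "$count" -gt 0 ] || { echo "merge_messages: nothing to merge in $dir" >&2; return 1; }
    echo "$count"
}

# Demo on constructed data (hostnames and log lines are made up).
tmp=$(mktemp -d)
printf 'vmunix: file system full\n' > "$tmp/messages.hosta"
printf 'vmunix: lan0 link down\n' > "$tmp/messages.hostb"
merge_messages "$tmp" "$tmp/report.txt" >/dev/null && cat "$tmp/report.txt"
rm -rf "$tmp"
```

The function returns non-zero when no messages.* files are found, so a cron job wrapping it can flag a failed collection run instead of producing an empty report.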