- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- syslog redirection
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 05:52 AM
01-10-2006 05:52 AM
Thanks,
Tim
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 06:08 AM
01-10-2006 06:08 AM
Solution6.4 Reliable Delivery
As there is no mechanism within either the syslog process or the
protocol to ensure delivery, and since the underlying transport is
UDP, some messages may be lost. They may either be dropped through
network congestion, or they may be maliciously intercepted and
discarded. The consequences of the drop of one or more syslog
messages cannot be determined. If the messages are simple status
updates, then their non-receipt may either not be noticed, or it may
cause an annoyance for the system operators. On the other hand, if
the messages are more critical, then the administrators may not
become aware of a developing and potentially serious problem.
Messages may also be intercepted and discarded by an attacker as a
way to hide unauthorized activities.
Jeff Traigle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 06:09 AM
01-10-2006 06:09 AM
Re: syslog redirection
What usually happens if the central server is down is the entries are lost for the entire time the central server is down.
You can configure it to go both places though so there will be no actual data loss.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 06:13 AM
01-10-2006 06:13 AM
Re: syslog redirection
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 03:47 PM
01-10-2006 03:47 PM
Re: syslog redirection
dropped.
Starting with 11.23 December 05, syslog-ng shipped with
HP-UX as part of the Distributed System Administration
Utilities (DSAU). syslog-ng (for "next generation") is a
syslogd replacement. For this version of HP-UX we configure
it alongside standard syslogd. syslogd forwards messages to
syslog-ng and syslog-ng forwards off-host. If the log
consolidation system is also running syslog-ng, then you can
configure syslog-ng clients to use a TCP transport instead
of UDP. This is still not a guarantee of message delivery
but with TCP you can configure the buffer size on the
client-side to try and mitigate message loss. Depending the
volume of log traffic on the client, this can work well.
The DSAU tools also make it trivial to set up a Serviceguard
cluster as a log consolidator (syslog-ng is configured as a
package). The clients forward to the package's floating IP
address. This again is *not* a guarantee of no message loss
when using UDP, but since SG can be tuned for fast failover,
loss can be minimized. TCP can also be used in this
configuration as well.
Another technique some folks use is to forward from the
clients to two independent log consolidators.
pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 03:49 PM
01-10-2006 03:49 PM
Re: syslog redirection
If central syslog server is working then you can remove log files in local server else keep it safe for tracking.
scripting is needed to achive this.
--
Muthu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-10-2006 03:56 PM
01-10-2006 03:56 PM
Re: syslog redirection
If the centralised server goes down, entries from the corresponding time will be lost. There is no way to over come other than having a backup of centralised server. A failover method will help you.
-Arun