HPE Community
Operating System - HP-UX
1834187 Members
2715 Online
110064 Solutions
New Discussion

Re: Syslog Server

 
SOLVED
Go to solution
Nobody's Hero
Valued Contributor

‎01-31-2005 12:54 AM

‎01-31-2005 12:54 AM

Syslog Server

I am trying to find an HP syslog server software package to run on my N4000. We need to use syslog server software for router,switch and hub logging. Does anyone know of such a product. I posted here because I am in a real bind. All help is appreciated. All I can find is win2k syslog server software.
UNIX IS GOOD
0 Kudos
Reply
5 REPLIES 5
harry d brown jr
Honored Contributor

‎01-31-2005 01:07 AM

‎01-31-2005 01:07 AM

Solution

Re: Syslog Server


You point your switches to use your HP's syslogd. Just make sure you didn't start syslogd with the -N option (it turns off listening).

If these devices are in or outside your DMZ, then I suggest you don't do it. You are usually safe inside your network.

You could also try: http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/libol-0.3.14/


live free or die
harry d brown jr
Live Free or Die
Reply
Elmar P. Kolkman
Honored Contributor

‎01-31-2005 01:07 AM

‎01-31-2005 01:07 AM

Re: Syslog Server

The syslog daemon is part of the default HP-UX installation. If you configure it to listen to any information (the default) it will also accept the information sent by your routers, switches and hubs.
But remember to configure the syslog.conf in /etc to split the information, otherwise everything is written to your /var/adm/syslog/syslog.log...

Good luck.
Every problem has at least one solution. Only some solutions are harder to find.
Reply
Florian Heigl (new acc)
Honored Contributor

‎01-31-2005 02:19 AM

‎01-31-2005 02:19 AM

Re: Syslog Server

You can split the events further with some tricks, usually redirecting them through a script.

I'll try to find some examples.

Also a few small hints:
You need to touch the log files, syslogd doesn't to that for You.
Take care to block incoming UDP to the server from outside nets, so that nothing in front of the router is able to send You fake entries.
Look into the newsyslog-scripts for rotating the logs, and have a separate filesystem to avoid filling up of /var.
yesterday I stood at the edge. Today I'm one step ahead.
Reply
Nobody's Hero
Valued Contributor

‎01-31-2005 05:49 AM

‎01-31-2005 05:49 AM

Re: Syslog Server

Does anyone have an example of thier syslog.conf file? Mine is generic and I am not sure how to set it up.
UNIX IS GOOD
0 Kudos
Reply
Deoncia Grayson_1
Honored Contributor

‎01-31-2005 06:20 AM

‎01-31-2005 06:20 AM

Re: Syslog Server

an example of syslog.conf file:

# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *
# Start of lines added by NetWorker - DO NOT DELETE OR CHANGE THIS LINE
# installed by postinstall on Tue Jun 17 09:03:31 CDT 2003
daemon.notice /dev/console
daemon.notice /nsr/logs/messages
daemon.notice operator
local0.notice /nsr/logs/summary
local0.alert root, operator
If no one ever took risks, Michelangelo would have painted the Sistine floor. -Neil Simon
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.