HPE Community
Operating System - Linux
1832757 Members
3141 Online
110045 Solutions
New Discussion

Re: remote syslog to separate files

 
SOLVED
Go to solution
Ratzie
Super Advisor

‎10-21-2004 09:59 AM

‎10-21-2004 09:59 AM

remote syslog to separate files

We are looking into setting up a separate syslog server. We have been able to push the syslogs to one server, but it is messy and unruly.
1. Can you set on on the host server to:
a) keep a copy of the syslog and...
b) also send it to the remote server.

2. Instead of the syslog treating all incoming messages as local, there for creating one huge syslog that contains multiple servers. I would like to set it up so they each have there own file.
server1.messages
server2.messages
etc.

Is there a pkg that can do all this.
We would like to incorporate windows and HP later on.

0 Kudos
5 REPLIES 5
Stuart Browne
Honored Contributor

‎10-21-2004 12:13 PM

‎10-21-2004 12:13 PM

Solution

Re: remote syslog to separate files

Yes, 'syslog' can keep a copy locally as well as send to a remote server. Just create two lines in '/etc/syslog.conf' on the client server, one pointing to a @server, the other pointing to a file.

Now, as for separating on the server... not something I've done before..

From what I have read, syslog can't do this nativly. You could however set it to write out to a fifo (| /path/to/fifo), and set up a short perl routine to read from the fifo and split it out according to the server (open( FH, "/path/to/fifo);while () { ... }).

The 'syslog.conf' man page says what's needed for that option.

Other than that, I've not tried to do this, so am unaware of any other syslog based products that could do this for you.
One long-haired git at your service...
0 Kudos
Kele_1
New Member

‎10-24-2004 08:11 AM

‎10-24-2004 08:11 AM

Re: remote syslog to separate files

what is your operating system?
this syslog server designed only for this purpose.
that case you can use syslog-ng (on linux) which can make seperated log files depends on the source host
0 Kudos
Ratzie
Super Advisor

‎10-24-2004 09:18 AM

‎10-24-2004 09:18 AM

Re: remote syslog to separate files

You are right, it will be strictly a syslog server and will be installed on RedHat ES3.0, and I have narrowed it down to the syslog-ng.

I have not used it before and have a few questions regarding it.

Is this all server based, meaning, does all the work being done on the syslog-ng server?

I would like only to change the syslog.conf file on the other systems to send the syslog to the syslog-ng server.
This does not mean I need to install a different type of client on any other system?

Appreciate your help
0 Kudos
Gabor Kelecsenyi
Occasional Advisor

‎10-24-2004 09:52 PM

‎10-24-2004 09:52 PM

Re: remote syslog to separate files

hali,

you only need to change the syslog.conf file on other systems. On syslog-ng site you have to change your standard syslog to syslog-ng. It has a different and more flexible syslog-ng.conf file.
in that file you can define destinations, filters and sources. depends on sources (network, hostname, ip etc) you can select destinations (ie files)
0 Kudos
Ratzie
Super Advisor

‎02-23-2005 01:04 AM

‎02-23-2005 01:04 AM

Re: remote syslog to separate files

Thanks
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.