[CentOS] How to log separate files or directories for centralizing SysLog server ?
Hi All, I have three server. server0 is centralized logging server, server1 and server2 are remote client servers. How can I properly configure the syslog in server0 to log the two servers in different separated files/directories. Example, server1 will be logged at /var/log/syslog/server1.log of server0 and /var/log/syslog/server2.log for server2 as well. Is there need of little tweaking for syslog.conf ? Thanks. James ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to log separate files or directories for centralizing SysLog server ?
Hi James,
i think much better for syslog server usage is syslog-ng. It has bit
more difficult configuration for such a small network, but it brings
much more functionalities.
the simple ruleset for your needs could look like:
source s_sys { unix-stream(/dev/log); internal(); };
source s_net { udp(); };
destination d_net { file(/var/log/network/$HOST/$YEAR.$MONTH.log
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(s_net); destination(d_net); };
log { source(s_sys); destination(d_net); };
Hope it helps,
Tomas
Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal:
Hi All,
I have three server. server0 is centralized logging server, server1 and
server2 are remote client servers. How can I properly configure the syslog
in server0 to log the two servers in different separated files/directories.
Example, server1 will be logged at /var/log/syslog/server1.log of server0
and /var/log/syslog/server2.log for server2 as well. Is there need of little
tweaking for syslog.conf ?
Thanks.
James
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to log separate files or directories for centralizing SysLog server ?
Hi Tomas,
I can't use syslog-ng because it's not included in RHEL package in DVD and
company policy not to use non-rpm. I can use rsyslog and found it's the same
config to syslog. Can I apply that rules in rsyslog?
Thanks.
James
On Mon, Apr 12, 2010 at 3:57 PM, Tomas Ruprich rupr...@uikt.mendelu.czwrote:
Hi James,
i think much better for syslog server usage is syslog-ng. It has bit
more difficult configuration for such a small network, but it brings
much more functionalities.
the simple ruleset for your needs could look like:
source s_sys { unix-stream(/dev/log); internal(); };
source s_net { udp(); };
destination d_net { file(/var/log/network/$HOST/$YEAR.$MONTH.log
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(s_net); destination(d_net); };
log { source(s_sys); destination(d_net); };
Hope it helps,
Tomas
Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal:
Hi All,
I have three server. server0 is centralized logging server, server1 and
server2 are remote client servers. How can I properly configure the
syslog
in server0 to log the two servers in different separated
files/directories.
Example, server1 will be logged at /var/log/syslog/server1.log of server0
and /var/log/syslog/server2.log for server2 as well. Is there need of
little
tweaking for syslog.conf ?
Thanks.
James
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to log separate files or directories for centralizing SysLog server ?
Not that rules, but definetely it's possible with rsyslog.
http://www.rsyslog.com/Article60.phtml
Tomas
Mon, Apr 12, 2010 ve 04:12:39PM +0800, James Corteciano napsal:
Hi Tomas,
I can't use syslog-ng because it's not included in RHEL package in DVD and
company policy not to use non-rpm. I can use rsyslog and found it's the same
config to syslog. Can I apply that rules in rsyslog?
Thanks.
James
On Mon, Apr 12, 2010 at 3:57 PM, Tomas Ruprich rupr...@uikt.mendelu.czwrote:
Hi James,
i think much better for syslog server usage is syslog-ng. It has bit
more difficult configuration for such a small network, but it brings
much more functionalities.
the simple ruleset for your needs could look like:
source s_sys { unix-stream(/dev/log); internal(); };
source s_net { udp(); };
destination d_net { file(/var/log/network/$HOST/$YEAR.$MONTH.log
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(s_net); destination(d_net); };
log { source(s_sys); destination(d_net); };
Hope it helps,
Tomas
Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal:
Hi All,
I have three server. server0 is centralized logging server, server1 and
server2 are remote client servers. How can I properly configure the
syslog
in server0 to log the two servers in different separated
files/directories.
Example, server1 will be logged at /var/log/syslog/server1.log of server0
and /var/log/syslog/server2.log for server2 as well. Is there need of
little
tweaking for syslog.conf ?
Thanks.
James
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
--
S pozdravem
Tomáš Ruprich
systémový administrátor
Ústav pro informační systém
Mendelova univerzita v Brně
Zemědělská 1 / 613 00 Brno
telefon 545 132 885
rupr...@uikt.mendelu.cz
www.mendelu.cz
[prostor pro logo]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to log separate files or directories for centralizing SysLog server ?
Hi Tomas,
It's working in rsyslog with applying the link you've given. Thanks. The
only thing that I am thinking now is how to make logrotate to automatically
compress those different directories/files in various hostnames logged in a
certain period of time. I can copy and modify manually the
/etc/logrotate.d/syslog to target those different hostname logged but is
there any settings needed to work it in logrotate.conf?
Thanks.
James
2010/4/12 Tomas Ruprich rupr...@uikt.mendelu.cz
Not that rules, but definetely it's possible with rsyslog.
http://www.rsyslog.com/Article60.phtml
Tomas
Mon, Apr 12, 2010 ve 04:12:39PM +0800, James Corteciano napsal:
Hi Tomas,
I can't use syslog-ng because it's not included in RHEL package in DVD
and
company policy not to use non-rpm. I can use rsyslog and found it's the
same
config to syslog. Can I apply that rules in rsyslog?
Thanks.
James
On Mon, Apr 12, 2010 at 3:57 PM, Tomas Ruprich rupr...@uikt.mendelu.cz
wrote:
Hi James,
i think much better for syslog server usage is syslog-ng. It has bit
more difficult configuration for such a small network, but it brings
much more functionalities.
the simple ruleset for your needs could look like:
source s_sys { unix-stream(/dev/log); internal(); };
source s_net { udp(); };
destination d_net { file(/var/log/network/$HOST/$YEAR.$MONTH.log
owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
log { source(s_net); destination(d_net); };
log { source(s_sys); destination(d_net); };
Hope it helps,
Tomas
Mon, Apr 12, 2010 ve 03:49:53PM +0800, James Corteciano napsal:
Hi All,
I have three server. server0 is centralized logging server, server1
and
server2 are remote client servers. How can I properly configure the
syslog
in server0 to log the two servers in different separated
files/directories.
Example, server1 will be logged at /var/log/syslog/server1.log of
server0
and /var/log/syslog/server2.log for server2 as well. Is there need of
little
tweaking for syslog.conf ?
Thanks.
James
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
--
S pozdravem
Tomáš Ruprich
systémový administrátor
Ústav pro informační systém
Mendelova univerzita v Brně
Zemědělská 1 / 613 00 Brno
telefon 545 132 885
rupr...@uikt.mendelu.cz
www.mendelu.cz
[prostor pro logo]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
