Hi,
<http://stackoverflow.com/questions/22293195/forwarding-logs-to-splunk-gralog-from-syslog-ng#>
I want to forward my apache and tomcat logs to my central log
server.(graylog)
I have client systems with syslog-ng running.
How can I forward the logs?
Is it necessary to parse the logs? Cant I forward logs as they are? do I
have to edit the apache configuration also?
I was trying to get it done from last one week.
This is my latest syslog-ng.conf
source s_all {
internal();
unix-stream("/dev/log");
file("/proc/kmsg" program_override("kernel: "));
file("/var/log/httpd/access_log" follow_freq(1) flags(no-parse));
file("/var/log/httpd/error_log" follow_freq(1) flags(no-parse));
};
destination d_graylog {
udp("ec2-xxx.xxx.xxx.xxx.compute-1.amazonaws.com" port(514));
};
log {
source(s_all); destination(d_graylog);
};
But when I restart,I get this erro.
Starting syslog-ng: syntax error at 82
Parse error reading configuration file, exiting. (line 82) [FAILED]
What is the right way?
Please advice.
--
You received this message because you are subscribed to the Google Groups
"graylog2" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
