Re: how do i log another device to syslog?
On Wed, Jan 15, 2003 at 03:55:01PM -0800, Bsd Neophyte wrote: --- Stijn Hoop [EMAIL PROTECTED] wrote: syslogd_flags=-a 1.2.3.4/32 in /etc/rc.conf should work according to the manpage. Maybe even syslogd_flags= is enough, but by default syslogd_flags is -s which doesn't allow peer logging. See /etc/defaults/rc.conf and man syslogd. i've done this, now what file would the webramp messages log to? also, how can i have the webramp logs in their own file? See 'man syslog.conf'. You need to edit /etc/syslog.conf to tell syslogd to route all messages from a host to separate files. They will appear in /var/log, just like your 'regular' logs from syslog (ie /var/log/messages, /var/log/security etc). HTH, --Stijn -- The right half of the brain controls the left half of the body. This means that only left handed people are in their right mind. msg15645/pgp0.pgp Description: PGP signature
Re: how do i log another device to syslog?
--- Stijn Hoop [EMAIL PROTECTED] wrote: See 'man syslog.conf'. You need to edit /etc/syslog.conf to tell syslogd to route all messages from a host to separate files. They will appear in /var/log, just like your 'regular' logs from syslog (ie /var/log/messages, /var/log/security etc). i have, and the explanation is extremely cryptic. i gather that this has something to do with my problem: A hostname specification of the form `#+hostname' or `+hostname' and the following blocks will be applied to messages received from the specified hostname. Alternatively, a hostname specification `#-hostname' or `-hostname' causes the following blocks to be applied to messages from any host but the one specified. If the hostname is given as `@', the local hostname will be used. A program or hostname specifi- cation may be reset by giving the program or hostname as `*'. it doesn't make any sense to me, and there are no examples in the man page that are useful to my sittuation. it seems that i'm having other issues as well. this is what i'm now running for syslogd: syslogd -v -a x.x.x.x/11:syslog -a x.x.x.x/24:syslog when i do netstat -a, i see the following for syslogd: udp4 0 0 *.syslog *.* it's state is blank. so right now, nothing is happening. i constantly check /var/log/messages to see if anything new appeared from either host, but the box doesn't seem to be logging anything. anyone else wanna help with this one? -Sameer __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: how do i log another device to syslog?
On Thu, Jan 16, 2003 at 03:07:05AM -0800, Bsd Neophyte wrote: --- Stijn Hoop [EMAIL PROTECTED] wrote: See 'man syslog.conf'. You need to edit /etc/syslog.conf to tell syslogd to route all messages from a host to separate files. They will appear in /var/log, just like your 'regular' logs from syslog (ie /var/log/messages, /var/log/security etc). i have, and the explanation is extremely cryptic. I concur, it isn't simple. The following is untested but it appears that it should work from my reading of the manpage (unfortunately, although I do intend to use this setup sometime, I don't have time right now to test it). Append this to your /etc/syslog.conf and kill -HUP syslogd: +remotehost *.* /var/log/remotehost And then see if /var/log/remotehost gets filled. it seems that i'm having other issues as well. this is what i'm now running for syslogd: syslogd -v -a x.x.x.x/11:syslog -a x.x.x.x/24:syslog That looks good. when i do netstat -a, i see the following for syslogd: udp4 0 0 *.syslog *.* it's state is blank. So it is listening for other messages, that's also good. so right now, nothing is happening. i constantly check /var/log/messages to see if anything new appeared from either host, but the box doesn't seem to be logging anything. I guess it needs to be told specifically to log messages from the box. Try the above and let me know, it will be helpful for me as well :) BTW, for testing, check out logger(1) -- you can use it to send test messages to syslogd (and thus across the network). --Stijn -- Help Wanted: Telepath. You know where to apply. msg15647/pgp0.pgp Description: PGP signature
Re: how do i log another device to syslog?
--- Stijn Hoop [EMAIL PROTECTED] wrote: Try the above and let me know, it will be helpful for me as well :) BTW, for testing, check out logger(1) -- you can use it to send test messages to syslogd (and thus across the network). --Stijn okay... i tried it. when i re-ran syslogd i was given this message: - syslogd: child pid 12908 exited with return code 1 - i've been trying to see if anything would be recorded... but so far nothing. the 806 and the webramp both are showing activity, but nothing is being logged. -Sameer __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
how do i log another device to syslog?
i finally was able to get configuration on my Cisco 806 to allow for a hole though my reflexive access lists. anwyays, that's not really important now. what i need to know is how i enable syslog to log messages from my sonicwall security appliance? the sonicawall is set to communicate with a syslog server. i've told it to contact the FreeBSD box, but i don't know how to enable to FreeBSD box to record the requests. can anyone help me out? __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: how do i log another device to syslog?
On Wed, Jan 15, 2003 at 05:01:50AM -0800, Bsd Neophyte wrote: i finally was able to get configuration on my Cisco 806 to allow for a hole though my reflexive access lists. anwyays, that's not really important now. what i need to know is how i enable syslog to log messages from my sonicwall security appliance? the sonicawall is set to communicate with a syslog server. i've told it to contact the FreeBSD box, but i don't know how to enable to FreeBSD box to record the requests. can anyone help me out? syslogd_flags=-a 1.2.3.4/32 in /etc/rc.conf should work according to the manpage. Maybe even syslogd_flags= is enough, but by default syslogd_flags is -s which doesn't allow peer logging. See /etc/defaults/rc.conf and man syslogd. HTH, --Stijn -- What would this sentence be like if it weren't self-referential? msg15563/pgp0.pgp Description: PGP signature
Re: how do i log another device to syslog?
--- Stijn Hoop [EMAIL PROTECTED] wrote: syslogd_flags=-a 1.2.3.4/32 in /etc/rc.conf should work according to the manpage. Maybe even syslogd_flags= is enough, but by default syslogd_flags is -s which doesn't allow peer logging. See /etc/defaults/rc.conf and man syslogd. i've done this, now what file would the webramp messages log to? also, how can i have the webramp logs in their own file? __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message