Re: Collect logs with syslog +hostname

2015-07-29 Thread Atanas Vladimirov

On 29.07.2015 16:31, Gregory Edigarov wrote:

On 07/29/2015 03:46 PM, Atanas Vladimirov wrote:

Thanks for the hint.
Actually I modified syslog.conf to begin with

++wdr4900
*.* /var/log/w4900
+*

because I wanted all records from OpenWRT router to be in one place 
(/var/log/w4900).


It seems that the real problem/misunderstanding was the part with 
/etc/hosts.

Why doesn't syslogd use /etc/resolve.conf?

Because at the time of developing the patch (I was developing it for
myself) I wanted it to be as small and as less invasive as possible.
I could have made it work with the resolver, but that was:
1. more invasive
2. less secure
3. it wouldn't be accepted

I got it. Thanks for your work.



If you need more complex log processing, you _should_ look at
different projects like rsyslog, syslog-ng or nxlog.

I don't need anything more complex. That's why I use OpenBSD.
I think that it *may* be a good idea to add a note in SYSLOG.CONF(5) 
about /etc/hosts.




Re: Collect logs with syslog +hostname

2015-07-29 Thread koko
On Wed, 29 Jul 2015 15:46:46 +0300
Atanas Vladimirov  wrote:

> It seems that the real problem/misunderstanding was the part with 
> /etc/hosts.
> Why doesn't syslogd use /etc/resolve.conf?
> This box is configured as recursive dns server (unbound).
> 
imho, /etc/hosts is a much faster lookup than resolv.conf.



Re: Collect logs with syslog +hostname

2015-07-29 Thread Atanas Vladimirov

On 28.07.2015 15:24, Gregory Edigarov wrote:

On 07/28/2015 03:20 PM, Gregory Edigarov wrote:

On 07/28/2015 02:41 PM, Atanas Vladimirov wrote:

Hi,
I tried the new feature of syslogd to collect log messages from other 
syslog capable devices (in this case an OpenWRT router).
I read syslog.conf many times, but I can't figure out why it doesn't 
work.


[ns]~$ cat /etc/syslog.conf
#   $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#

+wdr4900.bsdbg.net
*.* /var/log/w4900

move the above 2 lines to the end of your file.
remove next line:

+*


next,  add

192.168.1.18 wdr4900
to /etc/hosts


also, change the syslog rule as:
+ wdr4900
*.* /var/log/w4900


and things will work


Thanks for the hint.
Actually I modified syslog.conf to begin with

++wdr4900
*.* /var/log/w4900
+*

because I wanted all records from OpenWRT router to be in one place 
(/var/log/w4900).


It seems that the real problem/misunderstanding was the part with 
/etc/hosts.

Why doesn't syslogd use /etc/resolve.conf?
This box is configured as recursive dns server (unbound).



Re: Collect logs with syslog +hostname

2015-07-28 Thread Gregory Edigarov

On 07/28/2015 03:20 PM, Gregory Edigarov wrote:

On 07/28/2015 02:41 PM, Atanas Vladimirov wrote:

Hi,
I tried the new feature of syslogd to collect log messages from other 
syslog capable devices (in this case an OpenWRT router).

I read syslog.conf many times, but I can't figure out why it doesn't work.

[ns]~$ cat /etc/syslog.conf
#   $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#

+wdr4900.bsdbg.net
*.* /var/log/w4900

move the above 2 lines to the end of your file.
remove next line:

+*


next,  add

192.168.1.18 wdr4900
to /etc/hosts


also, change the syslog rule as:
+ wdr4900
*.* /var/log/w4900


and things will work
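
A check for the failure mode this thread ended on, as an added example that is not part of any poster's message: it lists the `+name` / `++name` blocks in a syslog.conf that have no matching name in a hosts file. The function name, the sample files and the exact-match rule are assumptions; the thread only establishes that the router's name had to be added to /etc/hosts.

```sh
#!/bin/sh
# Added example, not from the thread: report syslog.conf host blocks whose
# name has no entry in a hosts(5) file.
# Assumption: the block name has to appear verbatim (case-insensitively) as
# a name or alias in the hosts file, as the fix in the thread suggests.

# usage: missing_syslog_hosts <syslog.conf> <hosts>
# prints "<line>:<name>" for every +name / ++name block without a hosts entry
missing_syslog_hosts() {
    awk -v hosts="$2" '
        BEGIN {
            # Load every name and alias (column 2 onward) from the hosts file.
            while ((getline line < hosts) > 0) {
                sub(/#.*/, "", line)              # strip comments
                n = split(line, f)                # split on blanks
                for (i = 2; i <= n; i++)
                    known[tolower(f[i])] = 1
            }
            close(hosts)
        }
        /^[+]/ {
            name = $0
            sub(/^[+][+]?[ \t]*/, "", name)       # drop "+" or "++" and padding
            sub(/[ \t]+$/, "", name)              # drop trailing whitespace
            if (name == "" || name == "*")        # "+*" ends a host block
                next
            if (!(tolower(name) in known))
                print NR ":" name
        }
    ' "$1"
}

# Constructed sample input modelled on the files quoted in the thread.
demo_dir=$(mktemp -d)
printf '%s\n' '+wdr4900.bsdbg.net' '*.* /var/log/w4900' '+*' \
    '++wdr4900' '*.* /var/log/w4900' '+*' > "$demo_dir/syslog.conf"
printf '%s\n' '127.0.0.1 localhost' '192.168.1.18 wdr4900' > "$demo_dir/hosts"
missing_syslog_hosts "$demo_dir/syslog.conf" "$demo_dir/hosts"
rm -rf "$demo_dir"
```

A block that is silently never matched means the remote device's messages do not reach the file set aside for them, so running a check like this after editing either file catches the gap before it matters.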




Re: Collect logs with syslog +hostname

2015-07-28 Thread Gregory Edigarov

On 07/28/2015 02:41 PM, Atanas Vladimirov wrote:

Hi,
I tried the new feature of syslogd to collect log messages from other 
syslog capable devices (in this case an OpenWRT router).

I read syslog.conf many times, but I can't figure out why it doesn't work.

[ns]~$ cat /etc/syslog.conf
#   $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#

+wdr4900.bsdbg.net
*.* /var/log/w4900

move the above 2 lines to the end of your file.
remove next line:

+*


next,  add

192.168.1.18 wdr4900
to /etc/hosts

and things will work



Collect logs with syslog +hostname

2015-07-28 Thread Atanas Vladimirov

Hi,
I tried the new feature of syslogd to collect log messages from other 
syslog capable devices (in this case an OpenWRT router).

I read syslog.conf many times, but I can't figure out why it doesn't work.

[ns]~$ cat /etc/syslog.conf
#   $OpenBSD: syslog.conf,v 1.17 2005/05/25 07:35:38 david Exp $
#

+wdr4900.bsdbg.net
*.* /var/log/w4900
+*

!!spamd
daemon.err;daemon.warn;daemon.info  /var/log/spamd
!*

!!ppp
daemon.err;daemon.warn;daemon.info  /var/log/ppp.log
!*

!!pptp
daemon.err;daemon.warn;daemon.info  /var/log/ppp.log
!*

*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none /var/log/messages
kern.debug;syslog,user.info /var/log/messages

auth.info   /var/log/authlog
authpriv.debug  /var/log/secure
cron.info   /var/cron/log
daemon.info /var/log/daemon
ftp.info    /var/log/xferlog
lpr.debug   /var/log/lpd-errs

mail.info   /var/log/maillog
#uucp.info  /var/log/uucp

[ns]~$ ping wdr4900.bsdbg.net
PING wdr4900.bsdbg.net (192.168.1.18): 56 data bytes
64 bytes from 192.168.1.18: icmp_seq=0 ttl=64 time=0.267 ms
64 bytes from 192.168.1.18: icmp_seq=1 ttl=64 time=0.220 ms
64 bytes from 192.168.1.18: icmp_seq=2 ttl=64 time=0.228 ms
--- wdr4900.bsdbg.net ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.220/0.238/0.267/0.024 ms


OpenBSD 5.8-beta (GENERIC.MP) #1152: Tue Jul 14 12:08:52 MDT 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4008378368 (3822MB)
avail mem = 3883024384 (3703MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root