"jl" == Jeff Lane <[EMAIL PROTECTED]> writes:
jl> This should be a lot simpler than it is seeming right now, BUT, does jl> anyone have a link to info on syslog? I have read the Man pages for jl> syslog, syslogd, syslog.conf, etc etc and still havent found quite what jl> I am looking for...
jl> I know how to set up the servers to send their messages to the syslog jl> server, what I dont quite know, is how to set up the syslog server to jl> log the various incoming messages.
jl> For example, I would like to send all messages that normally go in jl> /var/log/messages to the syslog server, AND have the syslog server store jl> them in a file like this: hostname.messages. That way, I can have 10 jl> different machines logging to the syslog server, with each getting their jl> own logfile on the server to make parsing easier.
If I understand you correctly and your server will accept all your machines, then just add lines to /etc/syslog.conf such as:
*.info;authpriv.none;cron.none @XXX.XXX.com
Of course substituting your address for the log server. Then restarting syslog of course.
Oh that part is the easy part... I have no problems with the client side of things...
The hold up for me is the server side...
In other words, can I set up syslogd on the recieving server to segregate incoming log messages by type and machine? i.e. say I have log server called syslog.
And I have two web servers called web1 and web2. Now, I want to remote log all messages and such from web1 and web2 to the syslog machine.
Also, I want to make sure taht each machine gets their own logs on syslog...
SO, web1 and web2 send messages to syslog machine. Syslog machine then segregates incoming messages into seperage files for each web server..
that way when I ssh into the syslog machien I will see something like this:
/var/log/messages # messages log for the actual syslog machine. /var/log/messages.web1 # messages that came from web1 /var/log/messages.web2 # messages that came from web2
And thats the simplistic way of looking at it... I personally would not have a problem if each machine only generated one log file for everything, as I will use something like logwatch or such to monitor each log for specific things...
but It would be even nicer if I could have something like this:
/var/log/<logfiles> # local log files on the syslog server
/var/log/web1/ #dir for all web1 log files (httpd/access, messages, secure, maillog, etc)
/ver/log/web2/ #dir for all web2 log files
Thanks Jeff
-- Jeffrey Lane ConnectNC.com / Internet of the Sandhills [EMAIL PROTECTED]
chown -r us:us /yourbase/
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
