Loyd Goodbar wrote:
>
> I added the following line to my syslog.conf for host europa:
> *.* @leda
>
> (I will replace this with *.crit @leda when I verify it's working.)
>
> This should send all syslogged messages to host @leda (on the same subnet). I
> haven't seen anything telling my how to view these messages on leda (Europa is
> a headless system). What I want to do is have messages from europa to appear
> on leda on TTY10.
>
You have to start syslog with the -r flag to make it accept remote logging.
Modify syslog in /etc/rc.d/init.d
> I've restarted syslog, but don't see the messages. Do I need to do something
> in leda's syslog.conf? I looked in man and one of the IP admin books I have,
> but neither referred to remote logging, except that you specify a remote host.
> They don't say how you filter/scan the messages on the remote end.
>
What do you want to scan?? There are a number of log watchers, take your
pick. I run logcheck to scan my logs for problems on my server and another
headless machine that runs LRP and serves as a firewall/router with portsentry.
Logcheck sends mail (one an hour in this case) about any problems
it sees including scans & such on the router box.
Best
Cokey
--
------------------------------------------------------------------
Cokey de Percin, DBA Email:
Policy Management Systems Corp. Work - [EMAIL PROTECTED]
Columbia, South Carolina Home - [EMAIL PROTECTED]
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
