syslogging across networks to a main log machine
I'm attempting to monitor six machines on our network via syslogd and have
set up a central machine for receiving and processing all of the logs. I
can get one machine to log across the network and the logs appear in
/var/log/"blah" as it should. Two questions, using six different machines,
is it possible to set up directories on the main log machine for each of the
different machines and is it possible to have multiple syslogd.conf files
for each of the machines and to load those config files with one main
syslogd.conf file? For example:
Desk1===all logs go to @logmachine.isp.net====/var/log/desk1/*
Desk2===all logs go to @logmachine.isp.net====/var/log/desk2/*
Desk3===all logs go to @logmachine.isp.net====/var/log/desk3/*
Desk4===all logs go to @logmachine.isp.net====/var/log/desk4/*
Desk5===all logs go to @logmachine.isp.net====/var/log/desk5/*
Desk6===all logs go to @logmachine.isp.net====/var/log/desk6/*
My current syslog.conf file looks something like this:
mail.debug
/var/log/maillog
mail.debug
@logmachine.isp.net
*.notice;kern.debug;.info;mail.crit;news.err
/var/log/messages
*.notice;kern.debug;.info;mail.crit;news.err
@logmachine.isp.net
All logs by default get dumped into /var/log
I know that running syslogd -f you can specify different config files I just
don't know if you can make multiple syslog.conf files for each of the
different directories you want to place logs. Like:
/var/log/desk1/syslog.conf
/var/log/desk2/syslog.conf
/var/log/desk3/syslog.conf........etc....
and have syslogd run:
syslogd -f /etc/syslog.conf;
/var/log/desk1/syslog.conf;/var/log/desk2/syslog.conf;/var/log/desk3/syslog.
conf...?
where /var/log/desk1/syslog.conf would have it's own criteria for logging.
Logging is a great debugging tool and I think is underrated. Any advice is
greatly appreciated. I'll be working on it in the meantime.
Thanks
Mark McCoy
m...@rightonthemark.com