It is currently Mon, 18 Mar 2024 21:10:33 GMT



 
Author Message
 syslogging across networks to a main log machine
I'm attempting to monitor six machines on our network via syslogd and have
set up a central machine for receiving and processing all of the logs.  I
can get one machine to log across the network and the logs appear in
/var/log/"blah" as it should.  Two questions, using six different machines,
is it possible to set up directories on the main log machine for each of the
different machines and is it possible to have multiple syslogd.conf files
for each of the machines and to load those config files with one main
syslogd.conf file?  For example:
Desk1===all logs go to @logmachine.isp.net====/var/log/desk1/*
Desk2===all logs go to @logmachine.isp.net====/var/log/desk2/*
Desk3===all logs go to @logmachine.isp.net====/var/log/desk3/*
Desk4===all logs go to @logmachine.isp.net====/var/log/desk4/*
Desk5===all logs go to @logmachine.isp.net====/var/log/desk5/*
Desk6===all logs go to @logmachine.isp.net====/var/log/desk6/*

My current syslog.conf file looks something like this:
mail.debug
/var/log/maillog
mail.debug
@logmachine.isp.net
*.notice;kern.debug;.info;mail.crit;news.err
/var/log/messages
*.notice;kern.debug;.info;mail.crit;news.err
@logmachine.isp.net

All logs by default get dumped into /var/log

I know that running syslogd -f you can specify different config files I just
don't know if you can make multiple syslog.conf files for each of the
different directories you want to place logs.  Like:
/var/log/desk1/syslog.conf

/var/log/desk2/syslog.conf

/var/log/desk3/syslog.conf........etc....
and have syslogd run:
syslogd -f /etc/syslog.conf;
/var/log/desk1/syslog.conf;/var/log/desk2/syslog.conf;/var/log/desk3/syslog.
conf...?

where /var/log/desk1/syslog.conf would have it's own criteria for logging.

Logging is a great debugging tool and I think is underrated.  Any advice is
greatly appreciated.  I'll be working on it in the meantime.
Thanks

Mark McCoy
m...@rightonthemark.com



 Fri, 02 Aug 2002 03:00:00 GMT   
 syslogging across networks to a main log machine

Hi Mark,

I don't know the answer to your direct question about seperate
directories, but you can always just parse the main file, and seperate
all of your host names.  

cat /var/log/messages | grep hostname > /var/log/DESK1/messages

...and so on.  With a little effort, you can set up a cronjob to
handle your tasks on daily basis, and even set up a program to scan
thru these files, and generate reports for you.  Logchecker is one
that comes to mind, and you can configure it to do your dirty work for
you....

Best of Luck,

Chris Ehly
Network Admin./CAD
Alpha Mechanical
San Diego, CA



 Mon, 05 Aug 2002 03:00:00 GMT   
 
   [ 2 post ] 

Similar Threads

1. syslogging across networks to a main log machine

2. logging in as root from across the network

3. How to display system log across network

4. Synchronizing unix machines across network

5. Syslogging external log data with 4.3

6. e-mail configuration main network and connecting network has same Domain

7. In Network neighborhood can see SAMBA machine, but can't log in

8. Iproute2 problem across networks using NAT and 2 internal networks

9. Main dial-up machine with NAT and cache...

10. What are the main reasons machines go down


 
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by ST Software