LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 01-10-2011, 11:38 PM   #1
mousa535
LQ Newbie
 
Registered: Nov 2010
Posts: 8

Rep: Reputation: 0
Ho To Make All Logs To Go To a Specific File


Hi All,

I configured syslog RHEL 5.5 server successfully to collecting logs from HP-UX servers and Cisco devices. but my problem when I create logs file on syslog server for each servers and routers, I see all logs of HP-UX servers and Cisco devices on each log file I created on syslog server.

And see below for all configuration.
==============================
First On Client Server Ex. HP-UX Server
Hostname: ruxdb02
IP Address: 10.8.1.51
==============================
1. Log in as root

# more /etc/syslog.conf

# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg *
*.debug<tab>@10.15.1.5

# more /etc/hosts

10.15.1.5 syslog

# /sbin/init.d/syslogd stop
# syslogd -v
# kill -HUP `cat /etc/syslog.pid`
# /sbin/init.d/syslogd start
==============================
Second On Syslog Server
Hostname: syslog
IP Address: 10.15.1.5
==============================
1. vi /etc/sysconfig/syslog

2. Change:
SYSLOGD_OPTIONS="-m 0"

To:
SYSLOGD_OPTIONS="-m 0 -r -x"

3. Restart the syslogd daemon

# /etc/init.d/syslog restart

And then you are received all logs on

/var/log/messages

4. and when i want to put all logs from different systems (Unix,windows,Cisco) into separate files on the red hat syslog
server

On the syslogd server - add for every client (UNIX, Windows, Cisco Devices)
in /etc/syslog.conf

# touch /var/log/ruxdb02.log
# touch /var/log/ruxdb01.log

# vi /etc/syslog.conf

+ruxdb02
*.* /var/log/ruxdb02.log

+ruxdb01
*.* /var/log/ruxdb01.log


Restart syslog daemon (after every edit on this file /etc/syslog.conf) .
# /etc/init.d/syslog restart
==================================================================
==========

After that I can now see all logs of ruxdb02 on all file I created, Or in any file will be created under /var/log .

/var/log/ruxdb02.log
/var/log/ruxdb01.log
/var/log/messages

Note:
# rpm -q --whatprovides syslog
sysklogd-1.4.1-46.el5


How I can solving this problem and make all logs go to specific file ?

or

what is the correct configuration lines in syslog server to make all logs go to specific file ?

Thanks and Best Regards
 
Old 11-14-2012, 05:59 PM   #2
Russ
LQ Newbie
 
Registered: Dec 2004
Posts: 21

Rep: Reputation: 0
Hello, did you ever get any response to this or figure out how it should be done? I am looking to do exactly the same thing.

Thanks,

Russ
 
Old 11-20-2012, 09:11 AM   #3
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 762
Blog Entries: 2

Rep: Reputation: 198Reputation: 198
Can you describe better what you are trying to do? If you want different kinds of log messages in different files create more selective rules on your central syslog machine. *.* or *.debug is the least selective thing possible.

Show a few lines of each type if you can.
 
Old 11-21-2012, 08:42 AM   #4
Russ
LQ Newbie
 
Registered: Dec 2004
Posts: 21

Rep: Reputation: 0
Quote:
Originally Posted by linosaurusroot View Post
Can you describe better what you are trying to do? If you want different kinds of log messages in different files create more selective rules on your central syslog machine. *.* or *.debug is the least selective thing possible.

Show a few lines of each type if you can.
I have a server that I want to use as a syslog server for a number of Cisco devices. I can get it running and accumulate the syslog data but I would like each device to log to its own file. The object here is to be able to go directly to a specific file in the logging directory and see all of the messages for that device. I have made something I thought was going to work based on a syslog.conf example I found with a web search but...all of the device logs wound up in the same file. I believe that the syslog data has the IP address and the hostname in each message so "grep" would work but I believe that using separate files is a better solution.

I'll try to get some examples of what I found and post them later and the logging devices are Cisco routers, switches and firewalls. I am using sysklogd as the logging daemon but I am open to suggestions.

Thanks for the reply and in advance for any assistance you can render,

Russ

Last edited by Russ; 11-21-2012 at 08:45 AM.
 
Old 11-21-2012, 09:09 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,155
Blog Entries: 54

Rep: Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794Reputation: 2794
Quote:
Originally Posted by Russ View Post
(..) I would like each device to log to its own file. (..) I am using sysklogd as the logging daemon but I am open to suggestions.
Both Ryslogd and Syslog-ng offer templates and filtering. "Old school" syslogd does not.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Way to make autofs mount to specific USB flash drive to specific folder? utahnix Linux - Software 2 11-24-2010 05:27 PM
[SOLVED] how to make grep to search a pattern in only specific file type mq15 Linux - Newbie 7 03-07-2010 09:41 AM
How to make a specific command(s) work for specific users or group only naren_0101bits Linux - General 3 08-28-2005 05:22 PM
How to make a specific command(s) work in a specific shell only naren_0101bits Linux - Newbie 3 08-28-2005 01:24 PM
how to make a file that will open specific things for you zexter Programming 2 11-06-2004 07:04 AM


All times are GMT -5. The time now is 09:20 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration