LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   How to setup a syslog server (https://www.linuxquestions.org/questions/linux-general-1/how-to-setup-a-syslog-server-270113/)

anandhg02 12-25-2004 12:39 AM
How to setup a syslog server
 
I am having a D-Link DFL-500 hardware firewall. I have an option like to log all the activities to a syslog server in it. So I want to setup a syslog server in Fedora Core 2 and to log all the activities of the firewall.

Plz guide me to setup a syslog server.

bulliver 12-25-2004 03:40 AM
Your FC2 most certainly already has a system logger installed. All you need to do is set it up to accept connections from the firewall.

This step is dependant on which logger you use. To see which one try:
Code:
# rpm -qa | grep syslog
The two most popular are the newer syslog-ng and the older but trusty syslogd. Once you find this out I can probably help you out more.

anandhg02 12-26-2004 10:17 PM
Sir, I am having sysklogd

#rpm -qa sysklogd
sysklogd-1.4.1-16

This includes the syslogd daemon. Plz guide me on how to setup a syslog for DLINK firewall

bulliver 12-26-2004 10:29 PM
Ok, the only thing you have to do is restart syslogd with the '-r' command line switch. You will need to edit syslog's startup script (in /etc/rc.d or /etc/init.d) to make this permanent. Now syslogd will be listening on UDP port 514.

Here is a link to help:
http://freebooks.by.ru/view/LinuxNet...htm#Heading327

As for configuring the dlink, I cannot help..read the docs and make it log to your box on port 514

HTH.

anandhg02 12-26-2004 10:40 PM
Thank you sir, I will try this and come back to you, if I am having any problem

bulliver 12-26-2004 10:50 PM
No prob, and please, no need to call me "sir", as I am still too young and foolish to deserve such a title :)

anandhg02 12-28-2004 12:03 AM
I had setup my D-Link to log to my syslog server.
It is sending messages, but all the messages goes into /var/log/messages. The following is one of a log made by D-Link.
============================================================
Dec 28 11:33:40 192.168.100.5 type=mgmt, msg="Log&Report setting set successful at 192.168.100.1 by admin"
============================================================

Is it possible to make the logging to some other file such as to log all the log comming from D-Link to /var/log/dlink.

bulliver 12-28-2004 12:30 AM
I am sorry, but I don't think you can with syslogd, but I may be wrong. There doesn't seem to be a facility for seperating messages from your dlink. Have a good look at man 5 syslog.conf to be sure...

You can do this however, with syslog-ng


All times are GMT -5. The time now is 09:47 PM.