Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 338
Rep:
Getting logs from a remote syslog
I've asked a similar question in another thread but i've realised that i've not understood the whole concept of syslogging.
Anyways, what i want to know is how can i get logs remotely from a syslog daemon.
I have a Linux box and a Cisco server which generates logs via it's syslog daemon. How can i make my Linux box read these logs? I thought that there exist "syslog clients" but i googled in vain. So i came up with the conclusion that they do not exist, and therefore i must take a different approach. Thanks in advance. Ganni.
Remote syslog works the other way around. You don't use a client to read the logs on a remote system. It sends the logs to another system rather than writing them locally. In Linux this is done by using "@loghost.domain" instead of "/path/to/logfile". Also depending on your syslog daemon, you may also need to config syslogd to listen for log submissions from other hosts. See the man pages for syslogd and syslog.conf for full details.
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 338
Original Poster
Rep:
Ok i've basically did more research and found out that i need to run the syslog daemon on my Linux box with a '-r' argument to listen for remote logs from the Cisco server. I need to tell the Cisco server to send logs to my linux box which has an IP of 10.0.0.3, and simply start the daemon on the linux box side. Two questions arise though - (1) can i use @10.0.0.3 (instead of @host.domain) for the syslog daemon? & (2) Where will the remote logs be saved? Or do I need to tell the daemon something like: files coming from Cisco, are to be placed on /my/dir_of_choice?
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 338
Original Poster
Rep:
Thanks for your quick reply. However my setup is a bit strange - I have this Cisco server which has a fixed public IP say 111.111.111.111, and my Linux box is inside a LAN (The public IP of the LAN is for example 111.111.111.112, whereas the internal private IP of the Linux box is 10.0.0.3). If I tell the Cisco's daemon to output the logs on @111.111.111.112, will my linux box still receive logs?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
