Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 340
Rep:
Getting logs from a remote syslog
I've asked a similar question in another thread but i've realised that i've not understood the whole concept of syslogging.
Anyways, what i want to know is how can i get logs remotely from a syslog daemon.
I have a Linux box and a Cisco server which generates logs via it's syslog daemon. How can i make my Linux box read these logs? I thought that there exist "syslog clients" but i googled in vain. So i came up with the conclusion that they do not exist, and therefore i must take a different approach. Thanks in advance. Ganni.
Remote syslog works the other way around. You don't use a client to read the logs on a remote system. It sends the logs to another system rather than writing them locally. In Linux this is done by using "@loghost.domain" instead of "/path/to/logfile". Also depending on your syslog daemon, you may also need to config syslogd to listen for log submissions from other hosts. See the man pages for syslogd and syslog.conf for full details.
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 340
Original Poster
Rep:
Ok i've basically did more research and found out that i need to run the syslog daemon on my Linux box with a '-r' argument to listen for remote logs from the Cisco server. I need to tell the Cisco server to send logs to my linux box which has an IP of 10.0.0.3, and simply start the daemon on the linux box side. Two questions arise though - (1) can i use @10.0.0.3 (instead of @host.domain) for the syslog daemon? & (2) Where will the remote logs be saved? Or do I need to tell the daemon something like: files coming from Cisco, are to be placed on /my/dir_of_choice?
Distribution: RH 7.3/8.0/9.0, Debian Stable 3.0, FreeBSD 5.2, Solaris 8/9/10,HP-UX
Posts: 340
Original Poster
Rep:
Thanks for your quick reply. However my setup is a bit strange - I have this Cisco server which has a fixed public IP say 111.111.111.111, and my Linux box is inside a LAN (The public IP of the LAN is for example 111.111.111.112, whereas the internal private IP of the Linux box is 10.0.0.3). If I tell the Cisco's daemon to output the logs on @111.111.111.112, will my linux box still receive logs?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.