LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 06-26-2009, 11:03 AM   #1
sir-lancealot
Member
 
Registered: Aug 2007
Posts: 336

Rep: Reputation: 31
syslog-ng trying for remote logging


I have gone back and forth with reading, testing, and have very little hair left! Anyway, have 7 webservers which I wish to remote log just the weblogs. All webservers are running Ubuntu 8.10, syslog-ng. Command line was a bit tricky, so tried webmin, and did the following;

1st, simply removed the # in the #upd() on the server and restarted;

2nd setup log source, checked the selected stream box, and selected the 1st website access file to test /var/log/apache2/www.website1.com-access_log.

3rd, created log_destination, selected the syslog radio button, entered the local IP, selected UDP.

4th went to log_target, selected the source (step 2) and desination (step 3) and saved. When I restarted syslog-ng I get the following;

* Starting system logging syslog-ng Error binding socket; addr='AF_UNIX(/var/log/apache2/www.website1.com-access_log)', error='Address already in use (98)'
Error initializing source driver; source='website1_access'
[fail]

root@ws7:/var/log/apache2# lsof | grep www.website1.com
apache2 12029 root 14w REG 8,1 15084543 2089517 /var/log/apache2/www.website1.com-error_log
apache2 12029 root 36w REG 8,1 3878226148 2089606 /var/log/apache2/www.website1.com-access_log
sys

So it seems that apache is still using/writing that log and I am not sure how to tell it to stop. It can't be remove it from the vhost as that is the file I said to stream. I have the client and server conf files up on a temp website, this really has me so confused and sure it's a simple thing!

http://www.darkerforce.com/syslog_server.conf
http://www.darkerforce.com/syslog_client.conf

note website1 is not the domain (did I really have to say that)! Shows how shot I am!

Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Remote syslog logging for apache logs linuxfia Linux - Software 2 02-02-2009 06:14 PM
Will the BFD or any brute force detector work if I am logging to a remote syslog serv abefroman Linux - Software 2 06-02-2008 05:08 AM
[syslog-ng] logging remote server by IP address noir911 Linux - Server 3 02-12-2008 03:25 AM
logging to a remote syslog server is dropping packets draeician73 Linux - Security 1 10-20-2004 06:19 PM
SYSLOG - logging to Remote Host dvong3 Linux - Networking 4 09-24-2002 07:14 AM


All times are GMT -5. The time now is 12:32 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration