LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-22-2010, 03:13 PM   #1
tonj
Member
 
Registered: Sep 2008
Posts: 469

Rep: Reputation: 34
looking for syslog program


I'm running a cobalt raq550 web server (Linux version 2.6) and I want to install a syslog program on it, something that could log messages and send me an instant email in response to certain messages it receives. Is there such a program? Thanks for any help.
 
Old 06-22-2010, 05:08 PM   #2
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440
Quote:
Originally Posted by tonj View Post
I'm running a cobalt raq550 web server (Linux version 2.6) and I want to install a syslog program on it, something that could log messages and send me an instant email in response to certain messages it receives. Is there such a program? Thanks for any help.
If it's running a real version of Linux, you've already got syslog installed. If not, you can install syslog-ng. That will log the messages.

Then, you can either use logwatch, or write your own script to look for patterns in file(s), and email you. You obviously need a mail server that can route/direct emails too. If you've already got an email server for your enterprise, and it's set to relay messages, a VERY basic sendmail/postfix installation is all you need. Point it to your existing mail server.
 
Old 06-22-2010, 05:43 PM   #3
tonj
Member
 
Registered: Sep 2008
Posts: 469

Original Poster
Rep: Reputation: 34
ok thanks, I took a peep into etc/init.d and there I saw syslog (red faced). So I suppose I do already have it. Now I have to work out how to use it. The raq550 is a command line beast so any further pointers would be appreciated.
 
Old 06-22-2010, 06:49 PM   #4
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440
Quote:
Originally Posted by tonj View Post
ok thanks, I took a peep into etc/init.d and there I saw syslog (red faced). So I suppose I do already have it. Now I have to work out how to use it. The raq550 is a command line beast so any further pointers would be appreciated.
Well, you should be able to look into the syslog.conf file, and see where it's writing things. Once you find the locations, setting up logwatch is simple (tell it what files to monitor, and what to look for).

Sendmail/postfix setup should be easy too. Once installed, just set up the smarthost parameter, to point to your existing mail server. That way, logwatch (or your own program), can use the mail (or mailx) utility from the command line to send messages.
 
Old 06-22-2010, 07:11 PM   #5
tonj
Member
 
Registered: Sep 2008
Posts: 469

Original Poster
Rep: Reputation: 34
wow I actually managed to get it working. The messages are coming from my cisco router and they are being saved in a log file on the linux server. Just brilliant. One snag is that I've configured syslog.conf to save the log file to a location on the samba network so I can access it directly from a windows computer. Problem is the log file is generated with owner permissions only so I can't open or view it. Is there any way to configure the syslog program so it creates a log file with no restrictions on it?
 
Old 06-22-2010, 07:26 PM   #6
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 19,262

Rep: Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440Reputation: 4440
Quote:
Originally Posted by tonj View Post
wow I actually managed to get it working. The messages are coming from my cisco router and they are being saved in a log file on the linux server. Just brilliant. One snag is that I've configured syslog.conf to save the log file to a location on the samba network so I can access it directly from a windows computer. Problem is the log file is generated with owner permissions only so I can't open or view it. Is there any way to configure the syslog program so it creates a log file with no restrictions on it?
Probably not. Syslog files are created with tight permissions, so that users who do something nasty, won't be able to cover their tracks. You CAN try to change permissions on the file, but chances are the syslog program will whine about it. Try stopping syslog, doing (as root) "chmod 644 <logfile name>". That should let everyone READ the file at least, and syslog may let that go when it restarts. Never tried it, so I don't know.
 
Old 06-23-2010, 02:19 AM   #7
marafa
LQ Newbie
 
Registered: Sep 2008
Posts: 26

Rep: Reputation: 1
with regards to the permissions you could try chmod on the target log file and then to maintain the permissions you could research your system's logrotate settings for that file
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
syslog-ng -> syslog-ng logging, how to troubleshoot sir-lancealot Linux - Server 1 01-24-2009 07:07 AM
I need help getting syslog to log remotely, this is just the regular syslog. abefroman Linux - Software 2 06-05-2008 12:36 PM
syslog client to log to syslog-ng and itself noir911 Linux - Server 1 02-08-2008 10:51 AM
mysql integrate syslog-ng program error raiux Programming 2 11-04-2007 06:02 AM
LXer: Centralized Syslog Server Using syslog-NG LXer Syndicated Linux News 0 04-28-2006 07:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration