Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-01-2011, 02:23 AM
|
#1
|
Member
Registered: Aug 2009
Posts: 73
Rep:
|
remote syslog server in linux
hi all,
I configured remote syslog server in order to log my routers logging messages. It will log all the Interface UP/Down Notifications.
But It didnt log the authentication (either successful or failure) messages once I log to remote router.
How can I enable this ? My syslog.conf configuration look like this(attached).
How can I modify this to acheive my requirement.
your responses are highly.
Last edited by harshaabba; 04-01-2011 at 04:32 AM.
|
|
|
04-01-2011, 03:26 AM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
your config is not attached.
our responses are highly what?
all traffic hitting the box should be logged, so it's more than likely that the logs do not exist, you've not said anything about what routers you're using, so commenting on their config is impossible. You can use tcpdump to watch incoming traffic and see if it exists and also what facility / priority it has in case something is slipping through the cracks, but that's unlikely.
|
|
|
04-01-2011, 04:39 AM
|
#3
|
Member
Registered: Aug 2009
Posts: 73
Original Poster
Rep:
|
remote syslog server in linux
hi all,
now I attached the config. Im using cisco routers. I confogigured following in my router
logging <syslog-server-ip>
logging source fa 0/0
logging trap notifications
I directeg all logging messages to /logs/cisco/cis file. Logs created except the loging authenication messages.
sample log file
Apr 1 13:48:52 [IP] 94855: Apr 1 13:48:51: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/0.91 (not half duplex), with 899F Ethernet0 (half duplex).
Apr 1 13:48:54 [IP] 113419: 21w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/9, changed state to down
Apr 1 13:48:54 [IP] 113420: 21w0d: %LINK-3-UPDOWN: Interface GigabitEthernet0/9, changed state to down
Apr 1 13:49:07 [IP] 113421: 21w0d: %LINK-3-UPDOWN: Interface GigabitEthernet0/9, changed state to up
If a user try to log using incorrect username/password it should log in this file. But at the moment it's not happenning.
|
|
|
04-01-2011, 06:44 AM
|
#4
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
again, you need to show that the message is reaching the box, if it's not you can't blame the box itself can you?
|
|
|
04-01-2011, 07:01 AM
|
#5
|
Member
Registered: Aug 2009
Posts: 73
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
again, you need to show that the message is reaching the box, if it's not you can't blame the box itself can you?
|
I didnt get your point. Whats the fault with my configuration ?
|
|
|
04-01-2011, 07:24 AM
|
#6
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
you clearly don't get my point as I keep saying it's probably not your configuration at all. is the traffic hitting the box in the first place?
|
|
|
04-03-2011, 11:33 AM
|
#7
|
Member
Registered: Feb 2007
Distribution: Fedora, Mandrake, Knoppix, Windows XP
Posts: 37
Rep:
|
Could your cisco config be missing directives?
Have you tried the following:
login on-success log
login on-failure log
|
|
|
04-04-2011, 10:49 PM
|
#8
|
Member
Registered: Aug 2009
Posts: 73
Original Poster
Rep:
|
Quote:
Originally Posted by jdavis2
Have you tried the following:
login on-success log
login on-failure log
|
tnx davis .I got working this by doing your configuration.
|
|
|
04-05-2011, 06:08 PM
|
#9
|
Member
Registered: Feb 2007
Distribution: Fedora, Mandrake, Knoppix, Windows XP
Posts: 37
Rep:
|
That's great news, glad it work out for you.
|
|
|
All times are GMT -5. The time now is 01:56 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|