Quote:
Originally Posted by nishith
Hello,
I want to configure "syslog" server in Linux to fetch my LAN Server logs,having Linux 7 Windows OS. Also I have Juniper & Watch Guard Firewall connected with many WAN & LAN Users to communication.
So, I would like to configure below things.
1) Centralized syslog server (RedHat/CentOS) to fetch all logs from all network devices & servers.
|
Syslogs aren't 'fetched'. If your Linux machine is running a syslog server, you have to enable/allow syslog traffic into the box. From there, if you're using syslog-ng, you can separate the log files based on IP addresses. Syslogs are 'pushed' from the remote servers, TO the central syslog server. There are many documents you can find for setting up syslog-ng on CentOS, and if you're not going to pay for support from RedHat, then don't use it...use CentOS instead.
Quote:
2) Represent all fetched "syslog" logs into nice GUI. Same like SARG or lightsquid shows all user accessed data into HTML format.
|
A brief Google search turns up lots of commercial products and free. Some free ones are listed here:
http://www.debianhelp.co.uk/syslogngweb.htm
Quote:
3) Total data traffic passed thru. Juniper & Watch Gurad firewall.
|
Ok...is that getting passed into syslogs, or captured somewhere on the devices? Might have to install ntop, since network traffic isn't something that's captured in syslogs.
Quote:
What configuration i need to do on linux client machines so that they will send logs directly on "syslog" server. I have read many online documentations on the internet,but i need step by step configuration.
|
Here are your 'step-by-step' instructions:
- Install Linux (you don't say if you've done this or not)
- Install syslog-ng, if it's not already installed.
- Configure syslog-ng to suit you
- Install the syslog GUI software of your choice
- Install network monitoring of your choice
We can't (and probably won't), give you personalized, one-on-one tech support on how to install and configure everything you want. If that's what you need, then you'd be well served by hiring an experienced consultant local to you, to get the job done. Otherwise, we'll be more than happy to help you with specific problems/questions you might have...post them, with details, and we can help.