send log messages to another system
 

Hi,

I am trying to set up a centralized log server. I want the logs from all my systems to go to one particular server. So on the system that I intend setting up as a log server, I edited the /etc/sysconfig/syslog file to include the -r option in the following line:

SYSLOGD_OPTIONS="-m 0 -r"

However, I have another problem. I want to be able to send the logs of each system to a different file. How can that be done? Any help is greatly appreciated.

Thanks,
Anurag

The only way I'm aware of would be to output messages to a pipe to a process that can then separate them by host.

Hi,

Thanks for the response. I figured out that it cannot be done with the standard syslog.

- Anurag

Can you please help? I modified my syslog.conf

*.* @X.X.X.X

I have also added a hostname and tried it here also. I am able to ping the syslog server just fine. I know it works as other machines (solaris boxes are sending data to it) I have restarted the syslog service along with rebooting the whole system.



What steps am i missing? Thanks in advance

Hi,

Have you configured the log server to accept logs? You would have to edit the /etc/sysconfig/syslog file to have the following line:

SYSLOGD_OPTIONS="-m 0 -r"
After that is done, you will have to restart syslogd

- Anurag

I am not sure, but considering many other machines and cisco devices are sending logs to the syslog server, I would imagine so. Any other thoughts?

bump

have you looked at netdump?
Netdump will allow you to send all syslog&console messages to a netdump server. Very handy if you experience a panic and the dozy sysadmin does not capture the trace ;)