LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-08-2009, 06:44 PM   #1
Biggen
Member
 
Registered: Sep 2004
Location: Panama City Beach FL
Distribution: Slackware 12.2
Posts: 199

Rep: Reputation: 31
Syslogd with Remote and .conf Questions


Hello,

I want my Slackware box to be a central log server that other boxes send to. I enabled remote logging via the "-r" option but am a little confused on how to setup the receiving Slackware /etc/syslog.conf file. Right now I added this to my syslog.conf file.

Code:
*.*@10.10.11.1         -/var/log/firewall
While this works, it also catches other crap in the log file that 10.10.11.1 is sending out (I CAN'T change what 10.10.11.1 sends out for various reasons). What I would like is for my Slackware box only to get this type of log info from 10.10.11.1 and write it to the /var/log/firewall:

Code:
Jul  8 15:39:41 10.10.11.1 ipmon[86]: 15:39:40.602362 ng0 @0:23 b 111.111.111.111,17332 -> 123.123.123.123,19401 PR udp len 20 129 IN
I know that my "*.*" is a wild card and will capture ANYTHING coming from 10.10.11.1. I have tried doing stuff like "ipmon[86].@10.10.11.1" and "*.ipmon[86]@10.10.11.1" but can't seem to quite figure it out. I'm sure it's just a syntax problem...

Any ideas?

Last edited by Biggen; 07-08-2009 at 06:46 PM.
 
Old 07-14-2009, 07:53 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
Filtering isn't something old school Syslog does. See Syslog-NG?
 
Old 07-14-2009, 10:58 PM   #3
Biggen
Member
 
Registered: Sep 2004
Location: Panama City Beach FL
Distribution: Slackware 12.2
Posts: 199

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by unSpawn View Post
Filtering isn't something old school Syslog does. See Syslog-NG?
Thanks unSpawn. I kinda "forgot" about this since I didn't get any responses. I'll check out Syslog-NG
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
syslogd: server not recording remote events cygnal Linux - Server 8 10-22-2008 03:25 PM
Syslogd - Logging test data from a remote device cmfarley19 Linux - Networking 2 07-09-2008 08:09 PM
Remote access to X11 - What do i need in my xorg.conf Boffy Linux - Server 2 05-04-2008 12:13 PM
some questions about smb.conf fritz001 Slackware 6 09-28-2004 04:34 PM
Couple syslogd questions phek Linux - General 2 11-21-2001 02:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 10:15 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration