Slackware This Forum is for the discussion of Slackware Linux.
|
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-27-2014, 09:32 AM
|
#1
|
|
LQ Newbie
Registered: Apr 2010
Location: ZA
Distribution: Slackware 13, Ubuntu 9.10
Posts: 21
Rep: 
|
Windows -> syslog -> syslog
Hi all,
I have a Slackware router / firewall in each of our stores. These do remote logging to a Slackware server here at HO. I have windows machines in the stores which I have logging to the syslog on the router / firewall.
What I would like is for all the windows events arriving at the firewall syslog to also go through to the remote syslog at HO. Can this be done?
I thought getting the windows logging through to the firewall would automatically make it log to the remote server too.
Any assistance would be greatly appreciated. Thanks
Regards
|
|
|
|
|
06-27-2014, 11:59 AM
|
#2
|
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,808
|
Quote:
Originally Posted by andrewhiggs
Hi all,
I have a Slackware router / firewall in each of our stores. These do remote logging to a Slackware server here at HO. I have windows machines in the stores which I have logging to the syslog on the router / firewall.
What I would like is for all the windows events arriving at the firewall syslog to also go through to the remote syslog at HO. Can this be done?
I thought getting the windows logging through to the firewall would automatically make it log to the remote server too.
|
Windows systems (by default), don't send anything to *nix syslog servers. You would have to load and configure some sort of syslog daemon on the Windows system, such as:
http://edoceo.com/creo/winlogd
If you are seeing Windows events on the Slack systems now, then you may just have to configure what's getting sent to the 'mirror' syslog server, so those events are passed along. They may look different than what's getting logged now. |
|
|
1 members found this post helpful.
|
|
06-27-2014, 01:26 PM
|
#3
|
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
From "man syslogd"...
Code:
With normal syslogds you would get syslog-loops if you send out mes-
sages that were received from a remote host to the same host (or more
complicated to a third host that sends it back to the first one, and so
on). In my domain (Infodrom Oldenburg) we accidently got one and our
disks filled up with the same single message. :-(
To avoid this no messages received from a remote host are sent out to
another (or the same) remote host anymore. If you experience are setup
in which you need this behaviour, please use the -h command line
switch. However, this option needs to be handled with caution since a
syslog loop can fill up hard disks quite fast.
Bolding added. I haven't checked to see if the man page is lying.  |
|
|
|
|
06-27-2014, 06:52 PM
|
#4
|
|
LQ Veteran
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Rep: 
|
|
|
|
|
|
06-30-2014, 04:08 AM
|
#5
|
|
LQ Newbie
Registered: Apr 2010
Location: ZA
Distribution: Slackware 13, Ubuntu 9.10
Posts: 21
Original Poster
Rep:
|
Hi TBOne, Richard and Habitual
Thanks all for the replies. I already had the windows machine logging to the first syslog server so the software on windows was already working.
Richard, your hit worked. I feel a bit embarrassed that the answer to my question was actually in the man page. But thank you very much for pointing it out so politely. :-) It worked so all is sorted now. You are a star.
Regards
|
|
|
1 members found this post helpful.
|
|
06-30-2014, 09:04 AM
|
#6
|
|
LQ Guru
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 27,808
|
Quote:
Originally Posted by andrewhiggs
Hi TBOne, Richard and Habitual
Thanks all for the replies. I already had the windows machine logging to the first syslog server so the software on windows was already working.
Richard, your hit worked. I feel a bit embarrassed that the answer to my question was actually in the man page. But thank you very much for pointing it out so politely. :-) It worked so all is sorted now. You are a star.
|
Thanks for posting back with the solution, and letting folks know what worked for you. |
|
|
|
All times are GMT -5. The time now is 07:26 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
