Syslog: Difference between revisions
(3 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== References == | ==Syslog Config== | ||
Locate <code>/etc/syslog-ng/syslog-ng.conf</code> and make a backup of it then edit it. Alter the configuration settings so the options look like: | |||
<source lang="bash"> | |||
sudo tee -a /etc/syslog-ng/syslog-ng.conf >/dev/null <<'EOF' | |||
options {(off); | |||
flush_lines(10); | |||
use_dns(persist_only); | |||
use_fqdn(no); | |||
owner("root"); | |||
group("adm"); | |||
perm(0640); | |||
stats_freq(0); | |||
bad_hostname("^gconfd$"); | |||
normalize_hostnames(yes); | |||
keep_hostname(yes); | |||
}; | |||
source s_net { | |||
tcp((ip(127.0.0.1) port(1000) max-connections 5000)); udp (); | |||
}; | |||
d_net_syslog { file("/var/log/syslog/remote/$HOSTNAME/syslog.log"); }; | |||
EOF | |||
</source> | |||
==Syslog levels== | |||
Emergency (0) | |||
Alert (1) | |||
Critical (2) | |||
Error (3) | |||
Warning (4) | |||
Notifications (5) | |||
Information (6) | |||
Debug (7) | |||
==References== | |||
{| | |||
| valign="top" | | |||
* [https://stackoverflow.com/questions/6437383/can-tcp-and-udp-sockets-use-the-same-port Can TCP and UDP sockets use the same port?] | * [https://stackoverflow.com/questions/6437383/can-tcp-and-udp-sockets-use-the-same-port Can TCP and UDP sockets use the same port?] | ||
* [https://www.programcreek.com/java-api-examples/?api=org.productivity.java.syslog4j.server.SyslogServer Java Code Examples for Syslog Server] | * [https://www.programcreek.com/java-api-examples/?api=org.productivity.java.syslog4j.server.SyslogServer Java Code Examples for Syslog Server] | ||
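Review bot: the added syslog-ng block will not parse as written. `options {(off);` carries a value with no option name, `tcp((ip(127.0.0.1) port(1000) max-connections 5000));` has doubled parentheses and an unparenthesised `max-connections` value, and `d_net_syslog { ... }` is missing the `destination` keyword. No `log` statement connects `s_net` to `d_net_syslog`, so nothing would be written even once the syntax is fixed. Two further points are worth a look: `udp ();` has no `ip()` restriction although the TCP listener is bound to 127.0.0.1, and with `keep_hostname(yes)` the `$HOSTNAME` used in the file path is the hostname field supplied in the incoming message, so confirm that both are intended.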
Line 15: | Line 53: | ||
* [https://www.comparitech.com/net-admin/best-free-syslog-servers-for-linux-and-windows/ 19 Best Syslog Server Tools] | * [https://www.comparitech.com/net-admin/best-free-syslog-servers-for-linux-and-windows/ 19 Best Syslog Server Tools] | ||
* [https://www.elastic.co/logstash/ Logstash] | * [https://www.elastic.co/logstash/ Logstash] | ||
| valign="top" | | |||
| valign="top" | | |||
|- | |||
| colspan="3" | | |||
---- | |||
|- | |||
| valign="top" | | |||
| valign="top" | | |||
| valign="top" | | |||
|} |
Latest revision as of 03:47, 28 July 2022
<syntaxhighlight lang="bash">
# for debian/ubuntu/kubuntu
apt-get install syslog-ng
# for redhat/centos/fedora
yum install syslog-ng
</syntaxhighlight>
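==Syslog Config==
Locate <code>/etc/syslog-ng/syslog-ng.conf</code>, make a backup of it, then edit it. Alter the configuration settings so the options look like:
<source lang="bash">
sudo tee -a /etc/syslog-ng/syslog-ng.conf >/dev/null <<'EOF'
# Global options. The option name in front of (off) is missing on this page;
# chain_hostnames is assumed because the remaining options follow the
# order of the Debian default configuration.
options {
    chain_hostnames(off);
    flush_lines(10);
    use_dns(persist_only);
    use_fqdn(no);
    owner("root");
    group("adm");
    perm(0640);
    stats_freq(0);
    bad_hostname("^gconfd$");
    normalize_hostnames(yes);
    keep_hostname(yes);
};
# Network source: TCP on loopback port 1000, plus UDP with the driver defaults.
source s_net {
    tcp(ip(127.0.0.1) port(1000) max-connections(5000));
    udp();
};
# One log file per sending host.
destination d_net_syslog { file("/var/log/syslog/remote/$HOSTNAME/syslog.log"); };
# Route the network source to the per-host destination.
log { source(s_net); destination(d_net_syslog); };
EOF
</source>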
==Syslog levels==
* Emergency (0)
* Alert (1)
* Critical (2)
* Error (3)
* Warning (4)
* Notifications (5)
* Information (6)
* Debug (7)
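How the levels above appear on the wire, as an added example that is not part of the original page: each message starts with <code><PRI></code>, where PRI = facility * 8 + severity (RFC 3164/5424). The function names and the sample lines are constructed for illustration.

```python
import re

# Severity names as listed on this page, indexed by numeric level.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notifications", "Information", "Debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>")


def decode_pri(line):
    """Return (facility, severity, rest), or None if the PRI prefix is invalid."""
    m = PRI_RE.match(line)
    if m is None:
        return None
    digits = m.group(1)
    pri = int(digits)
    # Valid PRI is 0..191 (24 facilities * 8 levels) with no leading zeros.
    if pri > 191 or (len(digits) > 1 and digits[0] == "0"):
        return None
    return pri // 8, pri % 8, line[m.end():]


def at_or_above(lines, threshold):
    """Split lines into (kept, rejected) for a severity threshold."""
    kept, rejected = [], []
    for line in lines:
        decoded = decode_pri(line)
        if decoded is None:
            rejected.append(line)  # keep malformed input visible, do not drop it
            continue
        facility, severity, rest = decoded
        if severity <= threshold:  # lower number = more urgent
            kept.append((SEVERITIES[severity], facility, rest))
    return kept, rejected


# Constructed sample input (not captured from a real host).
SAMPLE = [
    "<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1",  # 4*8 + 2
    "<86>Oct 11 22:14:16 host1 sshd[411]: session opened",       # 10*8 + 6
    "<11>Oct 11 22:14:17 host2 app: disk write error",           # 1*8 + 3
    "<999>Oct 11 22:14:18 host3 bogus priority",
    "no priority at all",
]

if __name__ == "__main__":
    for name, facility, rest in at_or_above(SAMPLE, 3)[0]:
        print(f"{name:<9} facility={facility} {rest}")
```

Lines with a missing or out-of-range PRI are returned separately so that malformed traffic on the listener can be reviewed.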