Syslog

From Chorke Wiki

Latest revision as of 03:47, 28 July 2022

# for debian/ubuntu/kubuntu
apt-get install syslog-ng

# for redhat/centos/fedora
yum install syslog-ng

Syslog Config

Locate /etc/syslog-ng/syslog-ng.conf, make a backup of it, and then edit it so that the options look like this:

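sudo tee -a /etc/syslog-ng/syslog-ng.conf >/dev/null <<'EOF'
# Global options. The name of the first option is missing on the source page;
# chain_hostnames is assumed here, as in the stock Debian configuration.
options {
    chain_hostnames(off);
    flush_lines(10);
    use_dns(persist_only);
    use_fqdn(no);
    owner("root");
    group("adm");
    perm(0640);
    stats_freq(0);
    bad_hostname("^gconfd$");
    normalize_hostnames(yes);
    keep_hostname(yes);
};

# Network source: TCP on 127.0.0.1 port 1000 (at most 5000 connections) plus UDP with defaults.
source s_net {
    tcp(ip(127.0.0.1) port(1000) max-connections(5000));
    udp();
};

# One log file per sending host.
destination d_net_syslog { file("/var/log/syslog/remote/$HOSTNAME/syslog.log"); };

# Route the network source to the per-host files.
log { source(s_net); destination(d_net_syslog); };
EOF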

Syslog levels

Emergency (0)
Alert (1)
Critical (2)
Error (3)
Warning (4)
Notifications (5)
Information (6)
Debug (7)
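
Added example, not part of the original wiki page: each syslog message starts with <PRI>, where PRI = facility * 8 + severity, so the levels listed above are recovered with a division by 8. The Python code below decodes that header, rejects malformed values, and keeps only messages at Error (3) or more severe; the function names and the sample lines are constructed for illustration.

```python
import re

# Severity names as listed on this page, indexed by numeric level.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notifications", "Information", "Debug"]

# A syslog frame starts with "<PRI>", where PRI = facility * 8 + severity.
PRI_RE = re.compile(r"^<(\d{1,3})>")

def decode_pri(line):
    """Return (facility, severity, name), or None if the PRI is missing or invalid."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # facilities are 0-23, so 23 * 8 + 7 is the largest valid PRI
        return None
    facility, severity = divmod(pri, 8)
    return facility, severity, SEVERITIES[severity]

def at_least(lines, threshold=3):
    """Keep lines whose severity number is <= threshold (lower means more severe)."""
    kept = []
    for line in lines:
        decoded = decode_pri(line)
        if decoded and decoded[1] <= threshold:
            kept.append((decoded[2], line))
    return kept

# Constructed sample messages (not captured from a real host).
SAMPLE = [
    "<34>Oct 11 22:14:15 web01 su: 'su root' failed for alice on /dev/pts/8",
    "<13>Oct 11 22:14:16 web01 cron[812]: job started",
    "<165>Oct 11 22:14:17 db01 app: cache warm",
    "<999>Oct 11 22:14:18 db01 app: bogus priority",
    "no priority header at all",
]

if __name__ == "__main__":
    for name, line in at_least(SAMPLE):
        print(name, "|", line)
```

Lines with no header or an out-of-range PRI are dropped here; on a collector it is usually worth counting them separately, since they indicate a misconfigured or non-syslog sender.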
