Syslog

From Chorke Wiki
Jump to navigation Jump to search
# for debian/ubuntu/kubuntu
apt-get install syslog-ng

# for redhat/centos/fedora
yum install syslog-ng

Syslog Config

Locate /etc/syslog-ng/syslog-ng.conf and make a backup of it then edit it. Alter the configuration settings so the options look like:

sudo tee -a /etc/syslog-ng/syslog-ng.conf >/dev/null <<'EOF'
options {(off);
flush_lines(10);
use_dns(persist_only);
use_fqdn(no);
owner("root");
group("adm");
perm(0640);
stats_freq(0);
bad_hostname("^gconfd$");
normalize_hostnames(yes);
keep_hostname(yes);
};

source s_net {
tcp((ip(127.0.0.1) port(1000) max-connections 5000)); udp ();
};

d_net_syslog { file("/var/log/syslog/remote/$HOSTNAME/syslog.log"); };
EOF

Syslog levels

Emergency (0)
Alert (1)
Critical (2)
Error (3)
Warning (4)
Notifications (5)
Information (6)
Debug (7)

References