| View previous topic :: View next topic |
| Author |
Message |
playahater
Guru
Joined: 02 Jul 2005
Posts: 382
Location: Serbia
|
 Posted: Sun Mar 12, 2006 1:48 pm Post subject: how to log files from router to syslog-ng ?? [solved] |
 |
|
I have syslog-ng and router with .. just syslog .. i have set up router to "send" log files to specific IPaddress and i need now to set up my system logger to somehow "receive" those log files.
I know that this is possible with some loggers but i`m not sure if it is possoble with syslog-ng. I saw syslog-ng`s man page and i didn`t saw anything interresting ..
So .. anyone got an idea how to configure syslog-ng to log files from the router`s logger, or on the other hand, how to configure some other syslog ??
10x in advance
Cheers
_________________
http://droopia.net
Last edited by playahater on Tue Mar 14, 2006 12:39 am; edited 1 time in total |
|
| Back to top |
|
 |
f.meltzer
n00b
Joined: 01 Jun 2003
Posts: 38
Location: Norway
|
| Posted: Sun Mar 12, 2006 4:06 pm Post subject: |
|
|
Yep, syslog-ng can do this, but you need du configure syslog-ng to accept "unix-streams". Check out the config example on gentoo-wiki.com: http://gentoo-wiki.com/Syslog-ng
_________________
fm |
|
| Back to top |
|
|
herojoker
n00b
Joined: 09 Sep 2005
Posts: 8
|
| Posted: Sun Mar 12, 2006 6:27 pm Post subject: |
|
|
Hi!
I assume you know the syntax of the syslog-ng.conf and how to use the following source which does the job for me:
source s_router { udp( ip(192.168.1.2) port(514) ); };
The IP-adress should be yours (the one the router sends his data to).
HTH
Hero Wanders |
|
| Back to top |
|
|
playahater
Guru
Joined: 02 Jul 2005
Posts: 382
Location: Serbia
|
| Posted: Mon Mar 13, 2006 1:00 am Post subject: |
|
|
I have tried and it won`t work ..  .. i`m missing something
when i put my IP address I get
| Code: |
zion / # /etc/init.d/syslog-ng start [ ok ]
* Starting syslog-ng ...
io.c: bind_inet_socket() bind failed 192.168.254.4:514 Cannot assign requested address
Error initializing configuration, exiting.
* Failed to start syslog-ng |
but, instead of that IP, when i put 127.0.0.1 .. it is working just fine .. therefore, the syntax is OK .. but somehow i can`t connect to my router ..
i double checked and i have allowed the acces to router from my IP address, but still it is not working
here`s my conf
| Code: | # $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.5 2005/05/12 05:46:10 mr_bones_ Exp $
#
# Syslog-ng default configuration file for Gentoo Linux
# contributed by Michael Sterrett
options {
chain_hostnames(off);
sync(0);
# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(43200);
};
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
source router { udp( ip(192.168.254.254) port(514) ); };
destination messages { file("/var/log/messages"); };
destination router { file("/var/log/router"); };
# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };
# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };
log { source(src); destination(messages); };
log { source(src); destination(console_all); };
log { source(router); destination(router); }; |
I assume, since i have allowed connection from my IP, i am not obligated to access it with user and pass, right ?
here is what is said in router`s configuration about syslog
| Quote: | Syslog Server
The router can act as a Syslog client, automatically sending system event messages to one or more Unix Syslog servers.
The Syslog Sever List display list of IP address of currently defined Syslog server. |
and right after that there is a field named "Syslog Server IP Address" .. and there is my IP in that field .. but still not working ..
any idea ??
_________________
http://droopia.net |
|
| Back to top |
|
|
think4urs11
Bodhisattva
Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud
|
| Posted: Mon Mar 13, 2006 7:32 am Post subject: |
|
|
as a first start replace
| Code: | | source router { udp( ip(192.168.254.254) port(514) ); }; |
with
| Code: | | source router ( udp(); }; |
It is not *needed* to set the values explictly. Without them set syslog-ng takes as default 0.0.0.0:514 (in other words it binds to any ip address the machine has)
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself |
|
| Back to top |
|
|
playahater
Guru
Joined: 02 Jul 2005
Posts: 382
Location: Serbia
|
| Posted: Mon Mar 13, 2006 11:58 pm Post subject: |
|
|
| Think4UrS11 wrote: | as a first start replace
| Code: | | source router { udp( ip(192.168.254.254) port(514) ); }; |
with
| Code: | | source router ( udp(); }; |
It is not *needed* to set the values explictly. Without them set syslog-ng takes as default 0.0.0.0:514 (in other words it binds to any ip address the machine has) |
Well ... now it is working ... i mean .. i can start syslog-ng .. but there is no log file "router" under /var/log where I can see router`s logging ..
| Code: |
# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo,v 1.5 2005/05/12 05:46:10 mr_bones_ Exp $
#
# Syslog-ng default configuration file for Gentoo Linux
# contributed by Michael Sterrett
options {
chain_hostnames(off);
sync(0);
# The default action of syslog-ng 1.6.0 is to log a STATS line
# to the file every 10 minutes. That's pretty ugly after a while.
# Change it to every 12 hours so you get a nice daily update of
# how many messages syslog-ng missed (0).
stats(43200);
};
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };
source router { udp(); };
destination messages { file("/var/log/messages"); };
destination router { file("/var/log/router"); };
# By default messages are logged to tty12...
destination console_all { file("/dev/tty12"); };
# ...if you intend to use /dev/console for programs like xconsole
# you can comment out the destination line above that references /dev/tty12
# and uncomment the line below.
#destination console_all { file("/dev/console"); };
log { source(src); destination(messages); };
log { source(src); destination(console_all); };
log { source(router); destination(router); };
|
what am i doing wrong ??
P.S.- I have Efficient Networks 5861 DSL Router
10x in advance
Cheers
_________________
http://droopia.net |
|
| Back to top |
|
|
playahater
Guru
Joined: 02 Jul 2005
Posts: 382
Location: Serbia
|
| Posted: Tue Mar 14, 2006 12:39 am Post subject: |
|
|
sorry .. 
it is working .. but it needed some time to create file ..
10x Think4UrS11
Cheers
_________________
http://droopia.net |
|
| Back to top |
|
|
|
Other Things Gentoo
