| View previous topic :: View next topic |
| Author |
Message |
Seather
Apprentice
Joined: 23 May 2003
Posts: 194
Location: South Africa
|
 Posted: Tue Feb 27, 2007 5:27 pm Post subject: Logging /var/log/emerge.log through syslog-ng |
 |
|
I need to log the /var/log/emerge.log file through syslog-ng so that we can send it over to a central logging server.
For the moment I am just trying to get the emerge.log going "through" syslog-ng but I am guessing I don't exactly understand syslog-ng's configuration and missed something somewhere. This is what I have added to my syslog-ng.conf in the hopes of syslog-ng to pick it up and log it back into another file:
| Code: |
source emergesrc {
file("/var/log/emerge.log");
};
destination emerge {
file("/var/syslog/emerge.log");
};
log {
source(emergesrc);
destination(emerge);
};
|
However nothing comes in at /var/syslog/emerge.log (yes the directory '/var/syslog' is created).
Anyone knows what I might be missing? |
|
| Back to top |
|
 |
think4urs11
Bodhisattva
Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud
|
| Posted: Tue Feb 27, 2007 7:05 pm Post subject: |
|
|
It'll not work that way.
a) quick and dirty:
| Code: | | logger -t EMERGELOG -f /var/log/emerge.log |
b) alternatively to cut off the epoch time information recorded in emerge.log
| Code: | | while read line; do echo $line | cut -d: -f2- | logger -t EMERGELOG; done </var/log/emerge.log |
c)
- create a pipe
- copy the contents of emerge.log plus other needed parameters in the correct format to that pipe
- have syslog-ng listening to that pipe
- have syslog-ng writing everything from this pipe towards /var/log/messages or a seperate file
I do c) in the office as i needed to have a possibility to import log files from (among other strange systems) IBM AS/400 which is not capable to do syslog at all to my central logserver. So i've hacked around this by transfering the logs via FTP to the log server and import them via pipe into syslog-ng. If you like i can post the neccessary steps to set this pipe etc. up correct tomorrow.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself |
|
| Back to top |
|
|
mimosinnet
l33t
Joined: 10 Aug 2006
Posts: 717
Location: Barcelona, Spain
|
| Posted: Wed May 09, 2007 8:23 am Post subject: |
|
|
| Think4UrS11 wrote: |
c)
- create a pipe
- copy the contents of emerge.log plus other needed parameters in the correct format to that pipe
- have syslog-ng listening to that pipe
- have syslog-ng writing everything from this pipe towards /var/log/messages or a seperate file
I do c) in the office as i needed to have a possibility to import log files from (among other strange systems) IBM AS/400 which is not capable to do syslog at all to my central logserver. So i've hacked around this by transfering the logs via FTP to the log server and import them via pipe into syslog-ng. If you like i can post the neccessary steps to set this pipe etc. up correct tomorrow. |
I would very much appreciate if you could post the necessary steps to set (c) as I am looking for a similar solution. Thanks! |
|
| Back to top |
|
|
|
Networking & Security
