CentOS 5 :: Syslog Server For SOHO Infrastructure?
Aug 7, 2011
I have a dual-processor x86 box with CentOS 5 Linux 2.6.18-238.19.1.el5, mysql Ver 14.12 Distrib 5.0.77, and tons of storage space. I want to run a syslog solution on this box for a SOHO infrastructure. We've got routers, switches, Windows servers, other Linux boxes, etc. I've looked at syslog-ng, but it seems rather overkill, but I like the idea of storing logs in a MySQL database. Is there anything I can yum install?
May 9, 2011
I've recently installed CentOS 5, because I needed a good OS to run VMware Server. Just a heads up, I'm not very familiar with RH/CentOS distros, I usually use Arch Linux. My VMware install went fine, config is standard settings. Now I'm trying to access the VMware Infrastructure Web Access using port 8222 (http) and 8333 (https), but it's a no go. I'm connecting from another machine on the LAN, as the CentOS box is headless. I restarted the vmware services, and they seem to be launching fine. I don't know much about VMware though. I verified with netstat and ports 8222 and 8333 are listening.
Jun 1, 2011
I tried to install Syslog-ng-3.2.4 in CentOS 5.6. When I need to start the daemon syslog-ng => Failure, and I have this message:
Code:
[root@RelaisXXX etc]# service syslog-ng start
Starting syslog-ng: Your configuration file uses an obsoleted keyword, please up
Your configuration file uses an obsoleted keyword, please update your configurat
Error creating persistent state file; filename='/usr/local/var/syslog-ng.persist
Starting Kernel Logger [FAILED]:
Jan 11, 2009
I open "man vsftpd.conf", it says: syslog_enable: If enabled, then any log output which would have gone to /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO. So I add "syslog_enable=YES" to the /etc/vsftpd.conf, and add "ftpd.* /var/log/ftplog" into /etc/syslog.conf. But there is no log information in the ftplog file.
Nov 20, 2009
How to configure a syslog server in CentOS?
Dec 11, 2010
I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng, which is not fulfilling my requirement in Windows clients, as I need the logs of every action which the user performed after logon.
Mar 1, 2010
OS: CentOS 5.4. I have a DNS server that is logging all named and dns requests to the chrooted named directory. By default named logs to /var/log/messages but I want to isolate all the dns queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up, but fuzzy as to the syntax. I don't know what "tag" to use in the first field. For example:
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages
Here is the logging section of my named.conf
# pwd
# /var/named/chroot/etc
logging
{
[code]....
May 5, 2009
Trying to replace syslog with syslog-ng. When I:
yum erase syslog
it wants to remove everything else that (presumably) has syslog as a dependency. How do I replace the dependency on syslog with a dependency on syslog-ng?
Apr 7, 2010
I would like to make a server in my home that could be used to backup old job files at a print shop that I work at, creating a low cost offsite backup for our backup server. It would only backup 30-200mb a night, depending on what size the various jobs are.
There are 4 workstations that backup to a network share hosted on a fileserver (tower). It only has a single TB drive, and now people are offloading files to this server to free their computer of disk space. This is going to be a problem once the "server" disk fails. The management there will not pay a monthly fee for 500+GB of files we prob will never need, but can't delete. I was hoping I could create some sort of "online" backup hosted at my house (like amazon, carbonite but without the fancy gui).
After researching a while I can't seem to come up with a great solution (partly due to my lack of networking knowledge I'm sure!). I have a pfSense router, with VPN capabilities, and the router at work (Cisco/Linksys RVS4000) also can VPN. I would like to use Linux as the server, I am in the process of learning Ubuntu. Also FreeNAS via FTP is another thought, might be easier?
Aug 1, 2010
If this gets moved I apologize for putting it in the wrong place...
Purpose of server: RED GREEN ROUTER for SOHO or PARENTAL CONTROL
Block known bad URL, IP... ie porn, malware, ads, others
Block Good URL, IP if Desired by OWNER
Scan mail protocols for viruses out and in, if out is found log and mail MASTER
POSSIBILITY??? scan all protocols in and out for viruses n block log out block log and mail MASTER
a server build log and possibly a step by step assist for new users.
Version of ubuntu server: 10.04
Hardware: Gateway Pentium 4, 2 network cards
Use of server: RED GREEN ROUTER FIREWALL that blocks site list from shalla and my own list. General use would be for SOHO or Parental control.
pick language...pick it again???...country...no...country for kb...kb layout...eth0(as RED)me it...timezone...HDD choice(i used guided-use entire disk)...user...proxy if needed(not for RED GREEN ROUTER!!!)...updates(i picked auto)...LAMP, openssh, mail server...sqlpassword...grub...done
then
login as user/pass created in install
run following
[code]...
Oct 7, 2010
I have a good grasp on Windows Server 2003 but I don't want to pay outrageous license fees for software and services and clients. I am newish to terminal as I only know a few commands. I have no problem installing services for the server edition for 10.04. It's just understanding what's going wrong to troubleshoot. I guess there is you guys, and I have good working knowledge of Cisco's IOS's so I understand things like routing tables and interfaces and such for troubleshooting.
Questions I have... Can I install the desktop version of 10.04 and just install the server services? I was looking at the server guide [URL] and would like to know if these can all be installed on the desktop edition without too much trouble. I would imagine one could just use the server edition but I would really want a graphical user environment for some of the activities, if not all that I can. This would be because of my skills in the CLI. I priced out a server from Dell. It fits my budget perfectly if I go the Ubuntu 10.04 route. I was wondering if anyone sees any conflicts with the hardware for the Ubuntu OS....
[Code]....
Oct 5, 2009
I installed syslog-ng-3.0.3-1.rhel5.i386.rpm and at first blush it appears to be working fine to /var/log/messages. However it doesn't seem to be doing any other ancillary logging as defined in syslog-ng.conf (I've had to mod /etc/init.d/syslog-ng to look in /etc). e.g.
destination d_auth { file("/var/log/secure"); };
filter f_filter3 { facility(authpriv); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };
I'm using a syslog-ng.conf which has served me well in the past (v1.6.9 on fedora).
Jan 17, 2016
Using PKI infrastructure in the environment, preferably a two tier hierarchy? I would like to set up one the way I set up in Windows Server, so was thinking to set one on Linux.
Aug 21, 2009
I am thinking about installing rsyslog using yum, but I only want to try it out first and don't want to create conflicts and problems that will be hard to revert. When I ask yum on CentOS 5 about rsyslog, I get this (note much older version - it's too bad that even the latest STABLE rsyslog isn't in the repository):
[Code]....
Oct 12, 2009
I've just configured my Linksys RVS-4000 router to syslog messages to remote syslogd server (i.e. my CentOS5 machine). Redirecting messages was easy, but now I'm having difficulties to redirect those same messages received from Linksys to a separate log file. By default, all these messages are logged to /var/log/messages, and after browsing manual pages for syslog, syslog.conf, and syslogd, came to suspect that what I want isn't possible.
May 13, 2010
I installed syslog-ng so I can receive remote logs. This is working, however since I disabled syslog on my syslog-ng server I am not logging in /var/log/messages, cron and some others (locally). I know this is because my syslog-ng.conf only references remote and not local. How can I edit the syslog-ng.conf file so that I can receive remote and local? I tried this, however when adding in portions of the default config, I only receive local and not remote logs anymore. I am forwarding my config.
# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But
[code]....
Mar 10, 2010
How to set up a syslog server on a Fedora 10 Linux server?
Nov 14, 2010
I'm trying to get syslog-ng to log ssh stuff to its own file (later I want it to be forwarded to another server but that's a later problem).
The thing is that if I restart my syslog-ng server and log in with ssh, it logs it, but when I log in again it doesn't. But if I restart the syslog-ng daemon again it logs again, but only once.
Here is my config.
Code:
Oct 7, 2010
I noticed in my system that my root partition is getting full. I found a lot of old compacted syslog files. Had a look at etc/sysconfig editor, e.g. cron, but could not find a setting which allows to delete files older than a month. Where and how could I influence this? I deleted manually all syslog files older than a month. Approx 6GB.
Dec 4, 2010
I'm looking to upgrade the infrastructure in our office (small web development shop). I'm going to buy a small floor standing rack and in it we will have a dedicated firewall / VPN box, a web development server and a fileserver (for now). I intend to use Debian squeeze for everything.
My main question is what should I do about RAID? I've not used it myself before, instead relying on backups to removable disks. This time I want to do everything properly, and a measure of disk redundancy is required so I guess we will be going for RAID 1.
I'm looking at this [URL].. server which comes with an Intel ICH10R RAID controller on board, and also has an option to add a 3ware 9650SE-LP. The site says the Intel chipset is Windows only, so I guess the 3ware alternative is the way to go. The server also has two 3.5" hot swap drive bays. Could anybody advise me if the 3ware card is a good choice for use with Debian? Also, how can I monitor the health of the drives with standard Debian tools out of the repos? Any other RAID tips are also interesting for me.
Dec 3, 2010
I'm installing fail2ban to improve the security of a home asterisk server which from time to time becomes the target of some sip account cracker and/or ssh brute force attack. For those not familiar with fail2ban, this utility monitors log files to find matches with user specified expressions to identify the presence of a brute force attack. Then configures iptables rules to block the offending IP. Here's an example:
Code:
NOTICE[1734] chan_sip.c: Registration from '"613"<sip:613@xx.xxxx.xxx.xxx>' failed for 'yyy.yyy.yyyy.yyy' - No matching peer found
[code].....
Mar 10, 2011
I'm guessing it's possible but I can't seem to find any documentation on how to do this. I've tried playing with entries at the top of my syslog.conf file like:
*.* @172.20.10.1 # 1 server, works fine
*.* @172.20.10.1,172.20.20.11 # doesn't work
*.* @172.20.10.1 172.20.20.11 # nor this
*.* @172.20.10.1,@172.20.20.11 # nor this
*.* @172.20.10.1 @172.20.20.11 # nor this
Feb 8, 2011
What is the easiest way in Linux to convert syslog messages to XML?
Dec 9, 2009
I have the following BIND messages filling up my SysLog that I'm hoping someone can explain to me:
Code:
Dec 9 09:35:44 dns2 named[30103]: client 67.130.224.5#49551: query (cache) 'www.domain.com/A/IN' denied
Dec 9 09:35:47 dns2 named[30103]: client 67.130.224.5#64561: query (cache) 'www.domain.com/A/IN' denied
[code].....
I would expect this behavior if "domain.com and anotherdomain.com" wasn't a domain that I hosted. But this is a valid domain that this server should be answering for. In my named.conf I do have the
Quote:
allow-query { any; };
option on every zone. This is my slave server and I have the primary shut off so I can test this slave server. FYI: So far queries still seem to be working. The pages for the sites are still coming up via the internet.
Jan 17, 2011
Configure syslog server on Ubuntu. Now I want to export logs of Windows and Ubuntu desktop to the syslog server.
May 12, 2009
Can syslog be used to "watch" other log-Files from other software? I would like to get an info in messages if a logfile of squid is changed/something is added.
May 20, 2010
In my system, I see two syslog configuration files, /etc/rsyslog.conf and /etc/syslog.conf. What is the use of each file? I know only that of /etc/syslog.conf... How about /etc/rsyslog.conf? What is its use?
Dec 16, 2009
We have several SLES, CentOS, Fedora servers and use logmail to filter the logs on our central syslog server. The problem is that the filtering takes more and more time and the configuration gets more and more confusing. What program to use to analyse our central logfile? Something mysql based?
Mar 18, 2010
I am currently using Syslog-NG to make the log files in the format of: $R_YEAR$R_MONTH$R_DAY$R_HOUR and I need to be a little more granular.
I am wondering if there is a way to divide the hour by 12, making a new log file every 5 minutes. We have been using LogRotate, but when Syslog-NG is restarted we have some data loss. Is this possible? Another solution I can think of would be to add $R_MINUTE (or whatever it is) and run a cron job every 5 minutes to concatenate the files.
Feb 16, 2011
I am facing an issue with my syslog server. The server is collecting remote logs also, and the issue is no log messages are updated in /var/log/messages file. But other files are getting updated.
[root@Server1 ~]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
[code]....