CentOS 5 :: Syslog-ng Remote Clients But No Local Logs?
May 13, 2010
I installed syslog-ng so I can receive remote logs. this is working however since I disabled syslog on my syslog-ng server I am not logging in /var/log/messages cron and some others.locally)I know this is because my syslog-ng.conf only references remote and not local.How can I edit the syslog-ng.conf file so that I can receive remote and local? I tried this however when adding in portions of the default config, I only receive local and not remote logs anymore. I am forwarding my config.
# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But
[code]....
View 2 Replies
ADVERTISEMENT
Feb 2, 2009
For remote syslog logging of the general log files, I set:
Quote:
How do I setup the remote syslog logging of apache logs? Do I just add a line in the httpd.conf file to for example ?:
Quote:
View 2 Replies
View Related
Mar 1, 2010
OS CentOS 5.4 I have a DNS server that is logging all named and dns requests to the chrooted named directory. By default named logs to /var/log/messages but I want to isolate all the dns queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up but fuzzy as to the syntax. I don't know what "tag" to use in the first fieild. for example
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none/var/log/messages
Here is the logging section of my named.conf
# pwd
# /var/named/chroot/etc
logging
{
[code]....
View 5 Replies
View Related
Feb 7, 2009
I have a Slicehost VPS and I'm trying to set up PPTPD on it. I only have one IP address (the public IP of the box). All the PPTPD howto's I've seen rely on assigning remote clients IPs from the local subnet (e.g. the PPTD server's local IP is 192.168.0.20, and remote IPs are taken from a pool of 192.168.0.30-40).
However I don't think I can do that as I only have the one IP address on Slicehost's network - that public IP (and all other IPs in the segment are public). So what I really want to do is to be able to create a private LAN segment or virtual network adapter and have VPN clients assigned addresses in that segment, then routed out onto the Internet effectively using the PPTPD box as a router. I am using Ubuntu Hardy (LTS).
View 2 Replies
View Related
Aug 9, 2010
i installed php-syslog-ng 2.9.8m in RHEL5 box. I saw logs from the local machine once the cron execute in every one minute.I dont need to appear those in my syslog console. I want to disable these from my linux box.How can i archive this
View 1 Replies
View Related
May 23, 2011
CentOS 5.6 Server patched to latest, multiple name-based apache virtual hosts. SELinux OFF Everything was working fine until the other day. I've been making quite a lot of changes so it may well be something I've done, but I can't find out what! Last night I got the following in my logwatch : -
Requests with error response codes
404 Not Found
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
[Code]...
The problem is that NONE of my logs, secure, httpd, messages, NONE of them, show any trace of these hacking attempts. They used to show up in secure and apache error logs, but no longer.
View 2 Replies
View Related
Jan 17, 2011
configure syslog server on ubuntu now i want to export logs of windows and ubuntu desktop to the syslog server
View 6 Replies
View Related
Apr 19, 2011
How do clients handle offline syslog servers?Will the log files be buffered locally to be sent to the syslog server when it comes back online, or will any log data generated during downtime be lost in cyber space?
View 1 Replies
View Related
Sep 24, 2009
I'm running Ubuntu Desktop 9.10. How do I get it to forward its logs to a syslog server (its running on a different machine)?
View 2 Replies
View Related
Sep 1, 2011
my local box is centos 5.5 running gnome.
I have a eucalyptus instance (vm) running an older version of centos (5.3?). As a vm it has no graphical display. I'd like to run a graphical app there so that it displays back on my local machine.
Used xhost locally and it shows the remote IP (eucalyptus instance) as enabled. On the remote side (eucalyptus instance) I set DISPLAY with:
export DISPLAY xx.xx.xx.xx:0.0
where xx.xx.xx.xx is my local ip address. Oh, I did install X in the vm instance (yum groupinstall "X Window System"). X is installed but not running there (does the point of origin of the x app need to have X running as well - and what does this mean in a vm which is a non-graphicla environment?).
Anyway, I try to run (from remote to local) xclock and get the typical
Error: Can't open display.
View 3 Replies
View Related
Jan 17, 2010
Currently Im having a syslog server that consolidate firewall logs on port 514 udp. Im also having a IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.
Is it possible to do so?Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file?Or will it be recorded in a separate log file ie. firewall.log, IDS.log etc?? I wish to have them in separate individual log files or else there will be hard time segregating the log entries in a single file. Can anyone advice on how to achieve this??
View 2 Replies
View Related
Aug 23, 2010
I am searching that how i can configure syslogs/rsyslog to receive third party tools or softwares logs. For example i have a program that generates logs like when it is started and logs about its services, alerts if there are any alarms etc. I want to forward these logs using syslogs/rsyslog. Is their any possibility how can i achieve that
View 2 Replies
View Related
Oct 18, 2010
how does one configure a Ubuntu 10.4 machine to write its logs to a syslog server?
View 1 Replies
View Related
Nov 11, 2009
I would like to replace my aging Freenas box with a CentOS based NAS. I would like it to have the following features:
- SAMBA with Web admin
- BIND with Web admin
- Nice to have would be native AFP support for my MAC
Question 1: Is SWAT still the current Web-based config tool for SAMBA or is there something newer?
Question 2: Is there a decent, reliable, web front end for BIND?
Question 3: Is there a current AFP guide for CentOS, everything I am finding via Google is years old.
I would also like to build a second server that I would host off-site to sync my data to.
- I was thinking OpenVPN for the link between the servers. The "remote" NAS will have to be the one initiating the connection.
Question 4: Is OpenVPN the way to go or is there something better? (I need bidirectional communications)
Question 5: Is rsync still the way to go for the data sync or is there something newer which would be lighter and/or faster?
Just need some "current" advice overall - I think the last SAMBA box I built was 4-5 years ago so what I learned then may not be applicable today.
View 10 Replies
View Related
Sep 15, 2010
We're using both SuSe and RHEL servers. Our servers are running behind firewall device and remote root login is disabled in SSH.
We're using NAT.
Remote client connections including failed logins are logged into the /var/log/messages but what is logged are gateway ip of our LAN - the LAN IP of Firewall device.
How can I logged the external or public IP of the remote client?
View 4 Replies
View Related
May 5, 2009
trying to replace syslog with syslog-ng. When I:
yum erase syslog,
wants to remove everything else that (presumably) has syslog as a dependency. how do I replace the dependency on syslog with a dependency on syslog-ng?
View 3 Replies
View Related
Nov 30, 2010
I'm having two problems with remote syslogging with this configuration in syslog.conf:
*.info;authpriv.*;cron.* @myhost.dnsalias.com
As you can see the logging is made to an host with dynamic ip, and as soon as the ip changes the logging seems to stop.
Another thing is that it only seems to log the first part (*.info), the other ones don't appear.
View 1 Replies
View Related
Aug 11, 2010
I have a Tomato router and it has the capability to have its logs go to a external server. syslog is the obvious choice for this. So I enabled remote logging on my linux server's syslogd (syslogd -r) and I can see all of the logs in /var/log/syslog. What I want to do is take everything that comes from the IP of my router (10.0.0.1) and divert it to its own file like /var/log/tomato to avoid polluting my syslog with external logs.
I can't find any examples of someone doing this. My only solution is to get a script together that strips out any line in /var/log/syslog with 10.0.0.1 in it and puts the line into /var/log/tomato and have the script run as a cron job, but that seems unnecessarily messy.
Unless someone knows that there is a solution, I'm 95% sure that syslog doesn't support this after reading more in-depth of the man page. So I need to migrate to syslog-ng or make a crazy script that runs with cron.
View 3 Replies
View Related
Nov 12, 2009
I'm having trouble getting my pix firewall to log to syslog server. Here are the steps I took:
1) Added the following line to /etc/sysconfig/syslog:
SYSLOG_OPTIONS "-m 0 -r514"
**for some reason, without the 514, syslog doesn't listen
[code]....
View 2 Replies
View Related
Jul 25, 2010
Im a linux newbie and I'm some sort of creating an Internal webserver or Intranet for short locally. My local webserver ip address is 192.168.0.1 and when im trying to view this on my xp clients i will type it in the url 192.168.0.1. What im trying to do is view my webserver instead of typing ipaddress I'll type hmij.edu.ph for example and trying to resolve it locally through local dns resolution.. so every time i type for example. my webserver name hmij.edu.ph i want it to redirect it to my local webserver w/out going to the internet first.. I already setup dnsmasq for dhcp and dnsclient resolution. is there any better way on how i can achieved this??im a little bit of confused on how to make this work. tnx in advance!
View 13 Replies
View Related
Jul 26, 2010
I'm some sort of creating an Internal webserver or Intranet for short locally. My local webserver ip address is 192.168.0.1 and when im trying to view this on my xp clients i will type it in the url 192.168.0.1. What im trying to do is view my webserver instead of typing ipaddress I'll type hmij.edu.ph for example and trying to resolve it locally through local dns resolution.. so every time i type for example. my webserver name hmij.edu.ph i want it to redirect it to my local webserver w/out going to the internet first.. I already setup dnsmasq for dhcp and dnsclient resolution. is there any better way on how i can achieved this?
View 5 Replies
View Related
Sep 18, 2009
I've small issue with blocking local clients. I mean I've webserver that I want to allow limited number to clients to that let say I've 10 users from 10.5.1.1-10 I would like to block 1-9 and allow only last client to access that webserver . Ive tried the following
Code:
iptables -A -p tcp -i eth1 -d 10.1.1.14 -s ! 10.5.1.10 -j REJECT
iptables -A INPUT -p tcp -d 10.1.1.14 -i eth1 -s ! 10.5.1.10 -j DROP
View 1 Replies
View Related
Jan 29, 2010
On our app server the logs from the Sybase Mobilink service get logged to /var/log because of that I did a chmod a+rx /var/log and all is well until.... the next day QA logs in goes to check the logs and gets:
Quote:
qa@dwdb [~]$ ls /var/log
ls: /var/log: Permission denied
qa@dwdb [~]$
View 18 Replies
View Related
Dec 19, 2010
I'm running LTSP on 11.04. The clients boot fine and will recognise the local CD and local USB drives but it doesn't mount the HD?
View 1 Replies
View Related
Dec 2, 2010
I have an internal domain (dev.lan) for which my Ubuntu server is authoritative. We have a number of subdomains under that domain (test.dev.lan, svn.dev.lan, etc.). The server also acts as the primary DNS server for my office. It was originally set up under Ubuntu 8 and worked great.
However, ever since we upgraded to Ubuntu 10, our Windows clients periodically lose the ability to resolve domains on the dev.lan domain. Internal IP addresses can still be pinged from the Windows machines so it does not appear to be a network-connectivity issue. External domain names continue to resolve without any problems. The only workaround is to restart networking on the Windows clients. It's frustrating because it happens several times a day.
bind9 logs no obvious error messages.
View 3 Replies
View Related
Jan 16, 2015
I have a web server that hosts multiple websites. Am looking for an application that can be run on my workstation and makes it possible to watch Apache logs live.
It should have a tabbed interface. When I launch the application, it has to connect to my server and should automatically open all access.log and error.log files and display all changes in real time (similar to tail -f command).
Does anything like this exist?
I'm tired of logging in many times in Konsole and executing tail -f commands to see parallel logs.
View 7 Replies
View Related
Dec 11, 2010
I am looking for an open source syslog server which accumulate the each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng which is not fulfiling my requirement in Windows clients, as I need the logs of every action which user performed after logon.
View 2 Replies
View Related
Oct 5, 2009
I installed syslog-ng-3.0.3-1.rhel5.i386.rpm and at first blush it appears to be working fine to /var/log/messages. However it doesn't seem to be doing any other ancillary logging as defined in syslog-ng.conf (I've had to mod /etc/init.d/syslog-ng to look in /etc). e.g.
destination d_auth { file("/var/log/secure"); };
filter f_filter3 { facility(authpriv); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };
I'm using a syslog-ng.conf which has served me well in the past (v1.6.9 on fedora).
View 1 Replies
View Related
Jun 1, 2011
I tried to install Syslog-ng-3.2.4 in Centos 5.6,when i need to start the deamon syslog-ng =>Failure and i have this message:
Code: [root@RelaisXXX etc]# service syslog-ng start Starting syslog-ng: Your configuration file uses an obsoleted keyword, please up Your configuration file uses an obsoleted keyword, please update your configurat
Error creating persistent state file; filename='/usr/local/var/syslog-ng.persist Starting Kernel Logger [FAILED]:
View 18 Replies
View Related
Jan 11, 2009
I open "man vsftpd.conf", it says syslog_enable If enabled, then any log output which would have gone o /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO So I add "syslog_enable=YES" to the /etc/vsftpd.conf, and add "ftpd.* /var/log/ftplog" into /etc/syslog.conf. But there is no log infomation in the ftplog file.
View 7 Replies
View Related
