We have several SLES, CentOS, Fedora server and use logmail to filter the logs on our central syslog-Server. The problem is, that the filtering take more and more time and the configuration gets more and more confusing. What program to use to analyse our central logfile? Something mysql based?
View 1 RepliesI am looking for an open source syslog server which accumulate the each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng which is not fulfiling my requirement in Windows clients, as I need the logs of every action which user performed after logon.
View 2 Replies View RelatedI am facing an issue with my syslog server. The server is collecting remote log also. and the issue is no log messages are updated in /var/log/messages file. But other files are getting updated.
[root@Server1 ~]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
[code]....
Basically I'm working as part time administrator in a company, and still am at college. To keep the story short, the company I work with used to have a linux gateway, namely Untangle. We tried to upgrade to E-Box, which is supposed to have more options than Untangle, but it doesn't seem to work as it should. What I'm trying to ask here is this. I need a gateway system that handles QoS, Content filtering, Mail Filtering, DNS, Wan failover / load balancing, LOGS (important), Firewall and maybe the handling of separate users or groups. The ideal solution would be one that like the E-box, has a central control system, without the need to adjust code in CLI for configuration. I have some experience on CentOS and Fedora, so I am able to do some configuration, like installing Samba, DHCP and VNC.
View 2 Replies View RelatedI am trying to build a ftp server with vsftpd. In general, I am not able to log in. I can only log in to the ftp server, if that same user is logged in to the server. I found out that this has to with my network setup. I am using OpenLDAP for centralized authentication and home directories are stored on an NFS server. The problem is that regular users are not allowed to log in to servers, therefore their home directories are not mounted. However I want to be able to give my users access to the ftp server without their home directories mounted. Is this possible with vsftpd and if so how do get this up and running. By the way, anonymous users are not allowed.
View 3 Replies View RelatedWe are hoping to build a central database server so that we can take all the singular instances of mysql off our web servers and have the data stored in one place (we also run a number of syslogging servers that use mysql, netflow servers that use mysql, and many other servers that have mysql tables that we would like to consolidate as well). Now I have run into the problem that requires all the customer web sites to change the configuration for their connection to the mysql server from a local connection to a remote connection, which is something we are trying to avoid. I am wondering if there is a software suite or a function of mysql itself that allows you to present the remote database information as local databases to a server, allowing customer configurations to remain intact, as if the mysql server never moved off the local machine? Or a different question, can you configure mysql server to take local requests and forward them to a central mysql server?
View 9 Replies View RelatedIn my network Nagios server running on Ubuntu server and working fine. I am able to monitor servers in local network through plugin and SNMP. Now I want to monitor some servers which are located remote location(network) and they haven't real IP(all are behind route/firewall). I can allocate real IP to nagios server if require. How can I monitor those servers?
View 7 Replies View RelatedI am trying to set up a network where users can login to a central server which gives access to a partition depending on their role in the company e.g development or HR.my ideal world would be a computer sits on the desk. someone comes along logins they have all their files. they can then login with the same user information else where in the office.
View 3 Replies View RelatedIs there a way to configure Squid to get the filtering policy from a central policy on a web server.
like squid pointing to [url]
We use a reverse proxy to forward a lot of websites via 1 central place.so hould forward to an internal server.I already managed to forward a lot of website correctly, except for this one:hen I type:ttp://blablahblah/smt/webtier-7-11 it doesn't work correctly, but How can I make the first url to work ?
ProxyPass /smt http://192.168.10.38:8080
ProxyPassReverse /smt http://192.168.10.38:8080
ProxyPassMatch ^/((smt|webtier-7.11)(/.*)?)?$ http://192.168.10.38:8080/$1
[code]....
I'm looking for a Syncronizacion Softwares (running as a daemon) to do a unidirectional syncronization of some files/folders from a lot of servers to one central server.As there are a lot of servers i want a software that only needs to be installed on the central server and pulls the files/folders from the other servers.rsync and unison need to be installed on both machines and syncronize the files/folder by sending them from al the servers to the central server(its no the central server the one who pulls the files/folder from the other servers), so they dont work for what i want.
View 4 Replies View Relatedi`m trying to set up a Central Backup Server with BackupPC installed on CentOS 5.6 x86_64, My CentOS has Samba3x / Winbind integrated with Active Directory i found this nice Wiki http://wiki.centos.org/HowTos/BackupPC , to get my BackupPC installed. after installing RPMForge's repo and settin` up the priorities to the repos, http://wiki.centos.org/PackageManagement/Yum/Priorities i get the following error regarding Samba3x Conflicts , i dont wanna miss up my Samba Configuration to install BackupPC, even --skip-broken option does not work for me
[Code]....
I got the "The file '/var/log/syslog' does not exist." message when I tried to run KSystemLog as well as "The file '/var/log/auth.log' does not exist." when I tried to view the authentication log. There is no icon beside the items "Krfb," "KSystemLog," and"Nepomuk Backup" in the "System Tools" menu of Gnome.
View 9 Replies View RelatedI have a Tomato router and it has the capability to have its logs go to a external server. syslog is the obvious choice for this. So I enabled remote logging on my linux server's syslogd (syslogd -r) and I can see all of the logs in /var/log/syslog. What I want to do is take everything that comes from the IP of my router (10.0.0.1) and divert it to its own file like /var/log/tomato to avoid polluting my syslog with external logs.
I can't find any examples of someone doing this. My only solution is to get a script together that strips out any line in /var/log/syslog with 10.0.0.1 in it and puts the line into /var/log/tomato and have the script run as a cron job, but that seems unnecessarily messy.
Unless someone knows that there is a solution, I'm 95% sure that syslog doesn't support this after reading more in-depth of the man page. So I need to migrate to syslog-ng or make a crazy script that runs with cron.
I was checking my syslog.conf file recently and it seems that it is an empty file >_> it shouldn't be correct?
View 2 Replies View RelatedAMD64, Ubuntu 10.10 64bit os, with onboard video.Works really well all the way to 1680X1050 resolution, but I get this error every 10 seconds added to my syslog.
View 9 Replies View RelatedI have a self-made application running on a small embedded Linux device (which should not matter) using syslog to output some error, warning or debug logs.There is a "better" syslog daemon installed, called syslog-ng, which have some more features,t I miss a very important one:How to limit the size of the logfiles to some dedicated megabytes. I was able to create rotating logfiles with the configuration in syslog-ng.conf:
Code:
destination testlog {
file("/var/log/test/log-$S_WEEKDAY"
[code]...
I am facing a problem while trying to log SSH messages in a separate file, say, /var/log/ssh_logs. I have tried modifying the syslog-ng.conf file as follows:
filter f_ssh { facility(auth, authpriv) and match("sshd[[0-9]+]:"); };
destination d_ssh { file ("/var/logs/sshd_logs"); };
log {
[code]....
But still I am not able to get the ssh logs in the new file. They continue to go to /var/log/auth.
I've just configured my Linksys RVS-4000 router to syslog messages to remote syslogd server (i.e. my CentOS5 machine). Redirecting messages was easy, but now I'm having difficulties to redirect those same messages received from Linksys to a separate log file. By default, all these messages are logged to /var/log/messages, and after browsing manual pages for syslog, syslog.conf, and syslogd, came to suspect that what I want isn't possible.
View 1 Replies View Relatedtrying to replace syslog with syslog-ng. When I:
yum erase syslog,
wants to remove everything else that (presumably) has syslog as a dependency. how do I replace the dependency on syslog with a dependency on syslog-ng?
How to set up syslog server on Fedora 10 Linux server ?
View 1 Replies View RelatedIm trying to get syslog-ng to log ssh stuff to a own file (later i want it to be forwarded to a other server but thats a later problem.
The thing is that if i restart my syslog-ng server and login with ssh, it logs it. but when i login again it dont. But if i restart the syslog-ng daemon again it logs again, but only once.
Here is my config.
Code:
I noticed in my system that my root partition is getting full. I found a lot of old compacted syslogfiles. Had a look at etc/sysconfig editor eg cron but could not find a setting which allows to delete files older than a month. Where and how could I influence this ? I deleted manually all syslog files older than a month. Approx 6GB
View 9 Replies View RelatedI tried to install Syslog-ng-3.2.4 in Centos 5.6,when i need to start the deamon syslog-ng =>Failure and i have this message:
Code: [root@RelaisXXX etc]# service syslog-ng start Starting syslog-ng: Your configuration file uses an obsoleted keyword, please up Your configuration file uses an obsoleted keyword, please update your configurat
Error creating persistent state file; filename='/usr/local/var/syslog-ng.persist Starting Kernel Logger [FAILED]:
I�m installing fail2ban to improve the security of a home asterisk server which from time to time becomes the target of some sip account cracker and/or ssh brute force attack.For those not familiar with fail2ban, this utility monitors log files to find matches with user specified expressions to identify the presence of a brute force attack. Then configures iptables rules to block the offending IP.Here�s an example:
Code:
NOTICE[1734] chan_sip.c: Registration from '"613"<sip:613@xx.xxxx.xxx.xxx>' failed for 'yyy.yyy.yyyy.yyy' - No matching peer found
[code].....
I'm guessing its possible but I can't seem to find any documentation on how to do this.I've tried playing with entries at the top of my syslog.conf file like:
*.* @172.20.10.1 # 1 server, works file
*.* @172.20.10.1,172.20.20.11 # doesn't work
*.* @172.20.10.1 172.20.20.11 # nor this
*.* @172.20.10.1,@172.20.20.11 # nor this
*.* @172.20.10.1 @172.20.20.11 # nor this
What is the easiest way in Linux to convert syslog messages to XML?
View 1 Replies View RelatedI open "man vsftpd.conf", it says syslog_enable If enabled, then any log output which would have gone o /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO So I add "syslog_enable=YES" to the /etc/vsftpd.conf, and add "ftpd.* /var/log/ftplog" into /etc/syslog.conf. But there is no log infomation in the ftplog file.
View 7 Replies View Relatedhow to configure syslog server in centos?
View 3 Replies View RelatedTrying to remove lines from a syslog text file that have duplicate strings
Mar 10 06:51:11[http-8080-1] INFO com.MYCOMPANY.webservices.userservice.web.UserServiceController [u:2533274802474744|360] Authorize [platformI$tformIdAndOs=2533274802474744|360, userRegion=America|360]
then a few lines down
Mar 10 06:52:03 [http-8080-1] INFO com.MYCOMPANY.webservices.userservice.web.UserServiceController [u:2533274802474744|360] Authorize [platformI$tformIdAndOs=2533274802474744|360, userRegion=America|360
got the same thing in terms of a u: number but the issue is I need to remove duplicates and just leave one and the file has multiple duplicates of different u: numbers and it's 14,000 lines long. can anyone tell me if I can use awk? sed? or sort for something like this to? removing lines that have a certain string in there that's a duplicate.