Server :: Configuring Syslog And Exporting Of Logs?

Jan 17, 2011

I configured a syslog server on Ubuntu; now I want to export the logs of Windows and Ubuntu desktops to the syslog server.




General :: Forward System Logs To Syslog Server?

Sep 24, 2009

I'm running Ubuntu Desktop 9.10. How do I get it to forward its logs to a syslog server (it's running on a different machine)?


CentOS 5 Server :: Rotating Named Logs Via Syslog.conf?

Mar 1, 2010

OS: CentOS 5.4. I have a DNS server that is logging all named and DNS requests to the chrooted named directory. By default named logs to /var/log/messages, but I want to isolate all the DNS queries and requests to separate files. I know I can add entries to /etc/syslog.conf to "roll" the logs and logrotate should pick them up, but I'm fuzzy as to the syntax. I don't know what "tag" to use in the first field. For example:

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

Here is the logging section of my named.conf

# pwd
# /var/named/chroot/etc
logging
{

[code]....


Ubuntu Networking :: Configure 10.4 Machine To Write Its Logs To A Syslog Server?

Oct 18, 2010

How does one configure an Ubuntu 10.4 machine to write its logs to a syslog server?


Fedora :: Configuring Syslog Server To Accept Remote Logging?

Nov 12, 2009

I'm having trouble getting my PIX firewall to log to the syslog server. Here are the steps I took:

1) Added the following line to /etc/sysconfig/syslog:
SYSLOG_OPTIONS "-m 0 -r514"
**for some reason, without the 514, syslog doesn't listen

[code]....


General :: Disable Cron Logs From Php-syslog-ng?

Aug 9, 2010

I installed php-syslog-ng 2.9.8m on a RHEL5 box. I see logs from the local machine each time cron executes, every minute. I don't need those to appear in my syslog console. I want to disable these from my Linux box. How can I achieve this?


Security :: Syslog - Missing Entries To Logs

May 23, 2011

CentOS 5.6 Server patched to latest, multiple name-based Apache virtual hosts. SELinux OFF. Everything was working fine until the other day. I've been making quite a lot of changes, so it may well be something I've done, but I can't find out what! Last night I got the following in my logwatch:

Requests with error response codes
404 Not Found
/admin/phpmyadmin/scripts/setup.php: 1 Time(s)
/admin/pma/scripts/setup.php: 1 Time(s)
/admin/scripts/setup.php: 1 Time(s)
/db/scripts/setup.php: 1 Time(s)
/dbadmin/scripts/setup.php: 1 Time(s)
[Code]...

The problem is that NONE of my logs, secure, httpd, messages, NONE of them, show any trace of these hacking attempts. They used to show up in secure and apache error logs, but no longer.


Software :: Remote Syslog Logging For Apache Logs ?

Feb 2, 2009

For remote syslog logging of the general log files, I set:

Quote:

How do I set up the remote syslog logging of Apache logs? Do I just add a line in the httpd.conf file, for example:

Quote:


CentOS 5 :: Syslog-ng Remote Clients But No Local Logs?

May 13, 2010

I installed syslog-ng so I can receive remote logs. This is working; however, since I disabled syslog on my syslog-ng server, I am not logging to /var/log/messages, cron and some others (locally). I know this is because my syslog-ng.conf only references remote and not local. How can I edit the syslog-ng.conf file so that I can receive remote and local? I tried this; however, when adding in portions of the default config, I only receive local and not remote logs anymore. I am forwarding my config.

# syslog-ng configuration file.
#
# This should behave pretty much like the original syslog on RedHat. But

[code]....


CentOS 5 :: Configuring Syslog-ng 3.0.3 With 5.3

Oct 5, 2009

I installed syslog-ng-3.0.3-1.rhel5.i386.rpm and at first blush it appears to be working fine to /var/log/messages. However it doesn't seem to be doing any other ancillary logging as defined in syslog-ng.conf (I've had to mod /etc/init.d/syslog-ng to look in /etc). e.g.

destination d_auth { file("/var/log/secure"); };
filter f_filter3 { facility(authpriv); };
log { source(s_sys); filter(f_filter3); destination(d_auth); };

I'm using a syslog-ng.conf which has served me well in the past (v1.6.9 on fedora).


Fedora Servers :: Syslog Listening On Port 514 For Both Firewall And IDS Logs?

Jan 17, 2010

Currently I have a syslog server that consolidates firewall logs on port 514 UDP. I also have an IDS device whose logs I wish to push to this particular syslog server so that I can retrieve my IDS logs on this server as well.

Is it possible to do so, having syslog listening on port 514 for both firewall and IDS logs? If it is possible, will the logs be recorded in a single log file? Or will they be recorded in separate log files, i.e. firewall.log, IDS.log etc.? I wish to have them in separate individual log files, or else there will be a hard time segregating the log entries in a single file. Can anyone advise on how to achieve this?


Security :: Support Of Third Party Tools Logs In Syslog/rsyslog?

Aug 23, 2010

I am searching for how I can configure syslog/rsyslog to receive the logs of third-party tools or software. For example, I have a program that generates logs such as when it is started, logs about its services, alerts if there are any alarms, etc. I want to forward these logs using syslog/rsyslog. Is there any possibility, and how can I achieve that?


General :: Best Open Source Syslog Server / Syslog-ng Which Is Not Fulfilling Requirement?

Dec 11, 2010

I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng, which is not fulfilling my requirement for Windows clients, as I need the logs of every action which the user performed after logon.


Ubuntu :: Server Not Exporting CUPS Printer?

Nov 2, 2010

server not exporting CUPS printer?


Server :: Exporting Partition On USB Stick As NFS Volume

Jan 5, 2011

I have a USB disk which has 2 partitions. It is the default behavior in the OS (Lucid 10.04 64 bit) that upon connecting a USB (be it thumb drive or hard disk) it will mount it in:
/media.

I have 2 partitions on the USB hard disk as follows:
ls -l /media
drwxrwxrwx 2 tkmsr tkmsr 2048 2010-02-12 04:12 HPLAUNCHER
drwx------ 7 tkmsr tkmsr 4096 1970-01-01 05:30 vol1
drwx------ 1 tkmsr tkmsr 20480 2011-01-03 17:43 vol2

I want to share vol2 on nfs. Here is the /etc/exports file entry on nfs server
/media/vol2 192.168.1.0/24(rw,sync,no_subtree_check)
On the client machine I tried to mount the above nfs volume
mount -t nfs 192.168.1.19:/media/vol2 /mnt/nfs

Things worked well up to here. But I was not able to go inside the mounted volume on the client machine. Hence I checked the permissions on the folder on the NFS server; they were as follows:
drwx------ 1 tkmsr tkmsr 20480 2011-01-03 17:43 vol2
and the share mounted on client machine which was above only had following permissions:
drwx------ 1 client_hostname client_hostname 20480 2011-01-03 17:43 vol2
Considering this to be source of problem I tried to change the permissions at the server:
chmod -R 755 /media/vol2
but this attempt failed.

I checked by mount command the type of file system on USB disk:
/dev/sdb2 on /media/vol1 type vfat (rw,nosuid,nodev,uhelper=udisks,uid=1000,gid=1000,shortname=mixed,dmask=0077,utf8=1,flush)
/dev/sdb5 on /media/vol2 type fuseblk (rw,nosuid,nodev,allow_other,blksize=4096,default_permissions)
/dev/sr1 on /media/HPLAUNCHER type iso9660 (ro,nosuid,nodev,uhelper=udisks,uid=1000,gid=1000,iocharset=utf8,mode=0400,dmode=0500)

and the
/var/log/syslog
shows
Jan 6 10:24:12 tkmsr ntfs-3g[2278]: Mounted /dev/sdb5 (Read-Write, label "vol2", NTFS 3.1)
Jan 6 10:24:12 tkmsr ntfs-3g[2278]: Cmdline options: rw,nosuid,nodev,uhelper=udisks,uid=1000,gid=1000,dmask=0077
Jan 6 10:24:12 tkmsr ntfs-3g[2278]: Mount options: rw,nosuid,nodev,uhelper=udisks,silent,allow_other,nonempty,relatime,fsname=/dev/sdb5,blkdev,blksize=4096,default_permissions
Jan 6 10:24:12 tkmsr ntfs-3g[2278]: Global ownership and permissions enforced, configuration type 1

Here I see the ntfs-3g driver in use for the above volume which I want to export on NFS. Can this be the source of my problems? Or do I need to check something else? I notice the output of the mount command:
/dev/sdb5 on /media/vol2 type fuseblk (rw,nosuid,nodev,allow_other,blksize=4096,default_permissions)
Is there a way I can force it to load changed permissions on the said USB and change this default behavior?


Ubuntu Networking :: Server Not Exporting CUPS Printer?

Jul 8, 2011

server not exporting CUPS printer?


Ubuntu Networking :: NFS Server Exporting NTFS Partition Giving Stale File Error?

Apr 3, 2010

I'm trying to set up a small network between my old and new laptops to transfer my personal data. They are now linked with a crossover cable and they see each other. The old one has a dual-boot setup with WinXP and Ubuntu 9.10. The new one has Win7 and Ubuntu 9.10. I tried Samba but it was very slow even using Windows on both computers: maximum transfer rates were about 1,5 Mib/sec. I tried SSH using Ubuntu on both PCs and it is reliable and much faster, 5 Mib/sec. But I wanted more... I installed the NFS server on the old one and exported the NTFS partition where my data resides with the sync and ro options.

I installed the NFS client on the new one and I'm able to mount the remote partition. Now, when I transfer my files I get very high speed, more than 10 Mib/sec, but after a while I get a "Stale NFS file handler" error, though I really didn't touch any file on the old PC and the connection is always up. Searching on the web I found that NFS had some troubles exporting NTFS partitions in the past but should be fully compatible with them since the last versions of Ubuntu.


CentOS 5 :: Replacing Syslog With Syslog-ng?

May 5, 2009

Trying to replace syslog with syslog-ng. When I run:

yum erase syslog

it wants to remove everything else that (presumably) has syslog as a dependency. How do I replace the dependency on syslog with a dependency on syslog-ng?


Server :: Set Up Syslog On Fedora 10?

Mar 10, 2010

How to set up a syslog server on a Fedora 10 Linux server?


Server :: Logging SSH With Syslog-ng?

Nov 14, 2010

I'm trying to get syslog-ng to log SSH stuff to its own file (later I want it to be forwarded to another server, but that's a later problem).

The thing is that if I restart my syslog-ng server and log in with SSH, it logs it, but when I log in again it doesn't. But if I restart the syslog-ng daemon again it logs again, but only once.

Here is my config.

Code:


OpenSUSE Install :: Syslog Files Accumulating Searching For Setting To Delete Old Syslog Files?

Oct 7, 2010

I noticed on my system that my root partition is getting full. I found a lot of old compressed syslog files. I had a look at the etc/sysconfig editor, e.g. cron, but could not find a setting which allows deleting files older than a month. Where and how could I influence this? I manually deleted all syslog files older than a month, approx. 6GB.


Server :: Bug Installation Syslog-ng In Centos 5.6

Jun 1, 2011

I tried to install Syslog-ng-3.2.4 on CentOS 5.6. When I try to start the syslog-ng daemon it fails, and I get this message:

Code:
[root@RelaisXXX etc]# service syslog-ng start
Starting syslog-ng: Your configuration file uses an obsoleted keyword, please up
Your configuration file uses an obsoleted keyword, please update your configurat
Error creating persistent state file; filename='/usr/local/var/syslog-ng.persist
Starting Kernel Logger [FAILED]:


Server :: Disabling Syslog Compression?

Dec 3, 2010

I'm installing fail2ban to improve the security of a home Asterisk server which from time to time becomes the target of some SIP account cracker and/or SSH brute force attack. For those not familiar with fail2ban, this utility monitors log files to find matches with user-specified expressions to identify the presence of a brute force attack. Then it configures iptables rules to block the offending IP. Here's an example:

Code:
NOTICE[1734] chan_sip.c: Registration from '"613"<sip:613@xx.xxxx.xxx.xxx>' failed for 'yyy.yyy.yyyy.yyy' - No matching peer found

[code].....


Server :: Logging To 2 Syslog Servers?

Mar 10, 2011

I'm guessing it's possible, but I can't seem to find any documentation on how to do this. I've tried playing with entries at the top of my syslog.conf file like:

*.* @172.20.10.1 # 1 server, works fine
*.* @172.20.10.1,172.20.20.11 # doesn't work
*.* @172.20.10.1 172.20.20.11 # nor this
*.* @172.20.10.1,@172.20.20.11 # nor this
*.* @172.20.10.1 @172.20.20.11 # nor this


Server :: Convert Syslog Messages To XML?

Feb 8, 2011

What is the easiest way in Linux to convert syslog messages to XML?


CentOS 5 Server :: How To Log Vsftpd To Syslog

Jan 11, 2009

I opened "man vsftpd.conf"; it says: "syslog_enable: If enabled, then any log output which would have gone to /var/log/vsftpd.log goes to the system log instead. Logging is done under the FTPD facility. Default: NO". So I added "syslog_enable=YES" to /etc/vsftpd.conf, and added "ftpd.* /var/log/ftplog" to /etc/syslog.conf. But there is no log information in the ftplog file.


CentOS 5 :: How To Configure Syslog Server

Nov 20, 2009

How to configure a syslog server in CentOS?


Server :: BIND Messages Filling Up SysLog?

Dec 9, 2009

I have the following BIND messages filling up my SysLog that I'm hoping someone can explain to me:

Code:

Dec 9 09:35:44 dns2 named[30103]: client 67.130.224.5#49551: query (cache) 'www.domain.com/A/IN' denied
Dec 9 09:35:47 dns2 named[30103]: client 67.130.224.5#64561: query (cache) 'www.domain.com/A/IN' denied

[code].....

I would expect this behavior if "domain.com and anotherdomain.com" wasn't a domain that I hosted. But this is a valid domain that this server should be answering for. In my named.conf I do have the

Quote:

allow-query { any; };

option on every zone. This is my slave server and I have the primary shut off so I can test this slave server. FYI: So far queries still seem to be working. The pages for the sites are still coming up via the internet.


Server :: Possible To Open Log Files Of Other Software In Syslog?

May 12, 2009

Can syslog be used to "watch" other log-Files from other software? I would like to get an info in messages if a logfile of squid is changed/something is added.


Server :: Uses Of Syslog Configuration Files In System?

May 20, 2010

In my system, I see two syslog configuration files, /etc/rsyslog.conf and /etc/syslog.conf. What is the use of each file? I know only that of /etc/syslog.conf. How about /etc/rsyslog.conf? What is its use?








Copyrights 2005-15 www.BigResource.com, All rights reserved