Ubuntu Servers :: Syslog Servers - GUI As Opposed To A CLI
Jan 24, 2011
I've been asked by my boss to set up an Ubuntu machine that will be used as a syslog server. He wants a GUI as opposed to a CLI. He would also prefer to have it non web based. We already have Cacti installed but he is not keen on the syslog side of that. Does anyone know of any other syslog programs?
I'm guessing it's possible but I can't seem to find any documentation on how to do this. I've tried playing with entries at the top of my syslog.conf file like:
*.* @172.20.10.1 # 1 server, works fine
*.* @172.20.10.1,172.20.20.11 # doesn't work
*.* @172.20.10.1 172.20.20.11 # nor this
*.* @172.20.10.1,@172.20.20.11 # nor this
*.* @172.20.10.1 @172.20.20.11 # nor this
On this Ubuntu 8.04.4 LTS server, I want to log the messages from a Linksys router. So I made this change to "/etc/init.d/sysklogd":
SYSLOGD="-r"
Then in "/etc/syslog.conf" I added the following to the top of the file:
Code:
if $fromhost isequal 'Linksys' then /var/log/Linksys.log
& ~
Then I rebooted the server. But there is no "/var/log/Linksys.log" file.
When building 8.04 servers, I reconfigure snmpd's logging options to prevent copious low priority messages being logged whenever our network management workstation polls them. I edit /etc/default/snmpd and change line 11 from:
I wish it was under better circumstances... Every morning at 6:25am syslog-ng stops logging, right after it attempts to log rotate. It's odd... the daemon doesn't die... it gets a new PID, but doesn't write the output to /var/log/syslog. Yet if I manually restart or reload syslog-ng it works great... it's just like it doesn't like the logrotate... I have googled around and tried a few things... first I changed the postrotate in the logrotate.d/syslog-ng
I'm running a syslog server on ubuntu 7.04. Can I somehow have it email me if it finds a certain thing in the log? For example. I'm running a PRI and when the PRI goes down, it logs a "DEACTIVED" in the log. I would like an email telling me this so I know to get on it and fix it.
I recently upgraded an Ubuntu server from version 8.04 to 10.04 and after a reboot the webmin and syslog-ng server do not start at boot anymore. I can start them manually by doing /etc/init.d/webmin start and /etc/init.d/syslog-ng start and everything works fine until I reboot again. Granted this machine is rarely rebooted but when it is, I don't want to have to remember to start these services. I have tried a full removal of syslog-ng and reinstall but to no avail. The entries are in the rc directories like they should and the links are valid.
How do clients handle offline syslog servers? Will the log files be buffered locally to be sent to the syslog server when it comes back online, or will any log data generated during downtime be lost in cyber space?
I am running a headless Ubuntu 10.04 server with the 2.6.32-28-generic kernel. With no single direct cause that I can figure out, I get a high load average and the following syslog output at random intervals. Generally the load average will drop back down to normal; however, the kernel errors will still continue. What little I have been able to find has pointed to memory issues. I am not totally convinced this is the cause as the server will be showing >50% free when the errors are happening.
I guess with major changes to syslog-ng, php-syslog going to licensing cost, and major overhaul to the syslog plugin with Cacti - a lot of documentation was either disjointed, outdated or I just couldn't find it. This was performed on an 11.04 Ubuntu Server install. I already had Cacti up and running and just needed to make it also a syslog collector. This guide assumes you already have mysql running, and Cacti is already in place. If something looks wrong - please correct me. I am doing this from memory - trying to remember what all I had to do, and not a super admin.
Required Ubuntu install packages: libdbd-mysql syslog-ng
Cacti install packages: [URL]
Stop syslog-ng if you want. Changes should not take effect until you restart it. Should save the default syslog-ng configuration if you want to be safe. Below is the absolute minimum you need to get this working. Configuration on Ubuntu is located in /etc/syslog/syslog-ng.conf. Also make sure you fill in the proper username and password for mysql.
Currently I'm having a syslog server that consolidates firewall logs on port 514 udp. I'm also having an IDS device that I wish to push its logs to this particular syslog server so that I can retrieve my IDS logs on this server as well.
Is it possible to do so? Having syslog listening on port 514 for both firewall and IDS logs? If it is possible will the logs be recorded in a single log file? Or will it be recorded in a separate log file, i.e. firewall.log, IDS.log etc.? I wish to have them in separate individual log files or else there will be a hard time segregating the log entries in a single file. Can anyone advise on how to achieve this?
I wanted to make a SysLog Server in Ubuntu 10.04 Desktop to collect the startup log of all the workstations inside the local area network, which should have a similar functionality to this guide here: Debian Syslog Server. However, when editing the sysklogd, I noticed it was empty and does not have any default values, along with the /etc/syslog.conf, which also does not exist.
I wish to prevent the samba messages (mainly nmbd and winbindd) from appearing in the system log (/var/log/messages). I want to allow samba logging to the standard samba logfiles, but prevent the syslog getting clogged up by samba. I added syslog = 0 to smb.conf and reloaded the config but the messages were still appearing. I also tried the following (and restarted the syslog via /sbin/service syslog restart) # Suppress messages from samba.
For interest's sake the messages I'm getting are below (I'm not concerned about the messages themselves, I can chase them up at my leisure via the samba logs)
Mar 18 09:58:29 SERVER nmbd[3808]: query_name_response: Multiple (2) responses received for a query on subnet xx.yy.z.zz for name DOMAIN<1d>.
Mar 18 09:58:29 SERVER nmbd[3808]: This response was from IP xx.yy.z.zz, reporting an IP address of xx.yy.z.zz.
I use named as a local caching nameserver (it has seemed the most stable DNS solution in the past given my ISP's flaky DNS servers) and I've noticed (since using fedora 12) a number of "broken trust chain" messages from named in /var/log/messages, for example:
I'm curious if anybody can shed some light for me in this department. We're in a large environment with a Windows DHCP Server. We have been tinkering with LTSP on Edubuntu as thin and fat clients. It works great, but right now we just have 1 server handling the lab, which works fine unless we want to expand, which may be very possible.
These are the instructions I received:
Login to your windows server and load the DHCP configuration screen
Create a DHCP reservation for the MAC address you obtained
Add the configuration options below to enable the machine to boot from the LTSP server
017 Root Path: /opt/ltsp/i386
066 Boot Server Host Name: <ip address>
067 Bootfile Name: ltsp/arch/pxelinux.0
# Specify CPU architecture in place of 'arch', for instance 'i386'
From: [url]
I'm curious, what if I want to have multiple Ubuntu servers on the network that I want to have bootable? For example, let's say I have 3 labs, and 3 servers. Server A to Lab A, Server B to Lab B, and Server C to Lab C. I want all C's computers to boot to C, and B to B, A to A, etc.
1 - How would I add multiple entries on the Windows DHCP Server to allow all 3 (A B C) servers to boot?
2 - How would I be able to isolate the clients so ONLY Lab A clients boot to Server A, etc?
I am looking for a version of vmware that manages 2 servers at the same time and that mirrors them such that if one goes down we can still work on the second and of course it also works as a backup. Also, it must work on an Ubuntu server. I have looked but there are so many versions that I don't know which one is the best.
(Mods: If you feel this belongs more in the Games or Wine discussion area, please feel free to move. This question does intersect many areas, so was unsure where to put)
I have a funky server Ubuntu 9.10 Enterprise setup where I have X on all the time (using Xfce4 - not Xbuntu) with latest wine so I can run Windows only based game server executables. One of the applications is a simple dedicated racing game server made by the company I work for that works perfect in wine (unfortunately, the full 3D game client does not, so it's a windows only game). The other is more just to test, runs Serious Sam HD dedicated with wine with a steam client active in background since SSHD Ded requires a steam client logged in (just create a dummy account).
I'm getting some lag issues with the SSHD on the end-users client side. Unsure if it's related to it being a more complex game and using wine to translate slowing it down. Things like tiny warps once in a while, and the ping of clients kinda jumping around.
I'm pretty sure my network settings are ok. Maybe not fully optimized for every bit via ipv4. Still though. This 1U Opteron server is in an ISP with a full 1000 up and down. Ports are locked out that aren't being used. I do have apache going, but it's nothing strenuous. The CPU isn't used overly so. Maybe peaks out around 60% under strain, but mostly 20-40%. Memory use is about 550-700megs for SSHD itself. Given, it only has 2 gigs total at this time, but I still usually have near a Gig of memory available at most times.
I admit newbness of linux servers in general. Was reading about other game servers like CS:S requiring a ticked kernel near 1000 to get the least amount of lag. Some even saying they dropped the tickless options of the newer 2.6 kernels on purpose because they produced lag. Was checking on the history of newer Windows Server like 2008 and they still use a ticked OS, though a more optimized version.
So this boils down to should I be running a Ticked OS kernel to run a more complex Windows based dedicated server? I haven't tried thus far, well because I am again a bit of a n00b to all this. That and I'm not sure you have to tell wine or the SS:HD dedicated exe itself to run at a full ticked rate (no option I have seen for a command line function in the SS:HD itself).
I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng which is not fulfilling my requirement in Windows clients, as I need the logs of every action which the user performed after logon.
I have Webmin installed on an Ubuntu server. I currently have a successful apache server running on port 80, however I want to create a virtual host on port 81. When I try I go to servers->Apache Webserver-> Create Virtual Host, I change the port to 81 and the document root to /var/port81www, then I click create. However, when I go to 192.168.1.5:81 (local ip, I know I have to port forward but it's not even working local) it does not work.
I handle several hundreds of domains. Mails are handled with google apps (but previously I used to have a full postfix/courier setup with virtualhosting). Now what I need is to be able to send mail (newsletter etc...) from my web servers, but I don't need to receive mail on these servers.
I got my hands on a couple old servers. An HP tc2021 and a Proliant ML110. Sure they're ancient, but I thought they would make a couple of great Ubuntu Servers for a new "start up" business I'm trying out. Now I've got to decide the best scenario to distribute the load between the two servers. I'm going to make an internal domain and will probably be running the following: Kerberos, Samba, Apache, Postfix, mysql, bind, dhcp, SVN, GCC, and Nagios. So in summary, I'll have the following roles; domain controller, web server, file server, and network monitoring services. how they would handle splitting these services up between two servers?
I am running apache2 and tornado web servers on the same server with one ip address.
The apache2 listens on port 80. Tornado listens on port 8888. I want to redirect requests from a specific ip port 80 to port 8888. I don't have the ability to change the port request on the device. It is looking for a web server on port 80.
Any other web server request should go to the apache.
I tried adding the following to /etc/ufw/before.rules
When I run iptables -L it doesn't appear. I have disabled and enabled ufw with no help.
Now that I have more computers I am looking at new solutions to manage the proliferation. My Linux machine has been replaced and it's now much more powerful than before but it's still a 32-bit processor. No problem as I am not using anything unorthodox outside the LAMP stack with a few PHP add-ons to support graphics. I use SAMBA so I can edit web sites easily with Windows tools. So now given a Windows Server, who should be king server and have everybody on the same page so to speak.
We have 5 servers here. What we are going to set up is not a Web server. We want to combine these servers for parallel calculating. I have searched for some information. Maybe cloud computing would be our choice. I don't know whether I am right. And if I decide to use the cloud, is Ubuntu server my best choice? Can anyone give me some clue about this?
I own a rather large website/forum devoted to Scuba utilizing vBulletin. The problem is that it's become INCREDIBLY slow as of late. I have three Ubuntu web servers under a single Ubuntu load balancer and they draw from a CentOS 5 DB server running MYSQL. Here are my concerns:
- I am thinking that they are all 32 bit rather than 64 bit.
- I am thinking that the problem is an IO issue.
I'm trying to build a Fedora 12 cluster to run DHCP on top of two servers using pacemaker and drbd. The pacemaker runs great but I'm having the hardest time getting DRBD installed.
My kernel version is 2.6.32.11-99.fc12.i686.PAE. First I tried:
[root@dhcp-primary drbd]# yum install drbd
This doesn't give me everything because apparently the kernel module for DRBD must be built from source. So I unpacked drbd-8.3.6.tar.gz and tried:
[Code]...
I'm not very experienced in compiling from source. I'd love to make an rpm for this but after scouring the web and trying different install methods, I am still at a loss.
I currently have a group of 3 servers connected to a local network. One is a web server, one is a mysql server, the other used for a specific function on my site (calculation of soccer matches!).
Anyway, I have been working on the site a lot lately but it is tedious connecting my USB hard drive to each computer and copying the files. This means I am not backing up as often as I should...
I have a laptop connected to this same network that I use for development so I can SSH into the computers. Is there any software for Ubuntu that can take backups of files that I choose on multiple computers? I know I could rsync but is there something with more of a GUI?
Then I can just every 2 days move the most recent backup from my laptop to the USB drive. Then I will have the backup stored in 2 places if things go kaboom somewhere.