syslogd.conf configuration to copy /var/adm/messages to a loghost ?

syslogd.conf configuration to copy /var/adm/messages to a loghost ?

Post by fiatun » Wed, 14 Sep 2005 03:50:08



Hello,

I have host A, host B, host C and host x.

I would like to duplicate all the /var/adm/messages of host A,B and C to
/var/adm/messages.A, /var/adm/messages.B and /var/adm/messages.C on host
x.

Any idea of how to write syslog.conf.. ?

Regards

Fia

 
 
 

syslogd.conf configuration to copy /var/adm/messages to a loghost ?

Post by James Carlso » Wed, 14 Sep 2005 06:34:12



> I would like to duplicate all the /var/adm/messages of host A,B and C to
> /var/adm/messages.A, /var/adm/messages.B and /var/adm/messages.C on host
> x.

> Any idea of how to write syslog.conf.. ?

Standard Solaris syslogd doesn't do that.  You might be able to find a
third-party syslogd implementation that does, though.

--

Sun Microsystems / 1 Network Drive         71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677

 
 
 

1. Can Loghost's syslogd steer multiple remote /var/adm/messages to multiple files?

QUESTION:

Is it possible to have one type of error messages from multiple machines
write to several different files on one loghost? I'm sure I'm not the first
sysadmin not to want error messages from different machines mixed up in one
/var/adm/messages file.

SETUP:

Currently I have several machines ( HostX ) successfully sending their
"/var/adm/messages" to one loghost (let's call Host1).

Oh HostX's /etc/syslog.conf, I have:


On Host1, /etc/syslog.conf is unchanged:

*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages

I tried to do the following on HostX:

*.err;kern.debug;daemon.notice;mail.crit        ifdef(`LOGHOST',

...but all error messages still end up in "/var/adm/messages" on Host1.

Is the problem with the line on Host1 that might be steering ALL error
messages "/var/adm/messages"?

This is really what I want to see on Host1:

/var/adm/messages
/var/adm/messages.Host1
/var/adm/messages.Host2
/var/adm/messages.Host3
...
,etc, etc...

If syslogd or some other system facility cannot divide the messages file, I
will write a script to do this for me.

Brendan

2. Help with kernel source (struct list_head)

3. syslogd failed to log message to /var/adm/messages

4. Network Time Protocol

5. trimming /var/adm/messages & /var/adm/syslog

6. HELP, Teacher needs free linux/x-2windows box.

7. Clean way to remove /var/adm/messages and /var/adm/syslog

8. Cable Modem and DHCP

9. How does syslogd maintain /var/adm/messages files?

10. /var/adm/messages & syslogd

11. syslogd. Error in /var/adm/messages

12. INIT: Cannot create /var/adm/utmp or /var/adm/utmpx

13. what is /var/adm/lastlog and /var/adm/wtmp ?