4.7, syslogd and remote router logging

Post by Mike Tod » Tue, 10 Dec 2002 17:48:18



I set up a FreeBSD 4.7 server to be a syslog server for a network with nodes
around the globe.  We started with a test to collect syslog messages from
just one router in the Middle East.  We entered the following line in the
syslog.conf file:

local5.debug    /var/log/router.log

and started syslogd using the following command:

/usr/sbin/syslogd -a 10.10.10.2

No logging occurred even though the documentation for syslogd indicates this
is the way to collect log entries from a remote system.

Since the -s option (to disable logging from external sources) is the
default, we entered syslogd_flags="" in the rc.conf file.

It still did not log the entries from the remote.

When we removed the "-a 10.10.10.2" from the command to start the syslogd
service it started working.  However, we had to shut down syslogd and
restart it before it would work.  kill -HUP `cat /var/run/syslog.pid` would
not restart syslogd in a working state.  The only way was to kill syslogd
completely and start it without command line parameters.

At that point the logging started immediately.

Summary:

1. Enter services to be logged in the syslog.conf file.

2. Override the "-s" option in /etc/default/rc.conf by entering
syslogd_flags="" in the /etc/rc.conf file.

3. Start /usr/sbin/syslogd without command line parameters.

This works.

--

Mike Todd
Director, Engineering, GServices www.gservices.info

President, Mike Todd Associates www.MikeTodd.com
Supporting the Digital Coast

President, Internet Society Los Angeles Chapter www.ISOC-LosAngeles.org

Center for Entrepreneurship and Technology Law
Pepperdine University Law School
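
Added example (not part of the original post, and not syslogd's own code): a small Python model of the "-a ipaddr[/masklen][:service]" peer check as the FreeBSD syslogd(8) manual describes it, showing why a plain "-a 10.10.10.2" can drop a router's datagrams. The source port 52311 is a constructed sample, and the model assumes the router sends from a port other than 514, handles IPv4 with numeric services only, and assumes -s is not in effect.

```python
import ipaddress

SYSLOG_PORT = 514  # UDP port of the "syslog" service, the default for -a


def parse_allowed_peer(spec):
    """Parse the 'ipaddr[/masklen][:service]' form of -a (IPv4, numeric service only)."""
    addr, _, service = spec.partition(":")
    if service in ("", "syslog"):
        port = SYSLOG_PORT          # no service given: source port must be 514
    elif service == "*":
        port = None                 # ':*' accepts any source port
    else:
        port = int(service)
    ip, _, masklen = addr.partition("/")
    if masklen == "":
        # Missing masklen: historic class A/B netmask, otherwise /24.
        first = int(ip.split(".")[0])
        masklen = 8 if first < 128 else 16 if first < 192 else 24
    net = ipaddress.ip_network(f"{ip}/{masklen}", strict=False)
    return net, port


def accepts(allowed_specs, src_ip, src_port):
    """Return True if a datagram from (src_ip, src_port) would be logged."""
    if not allowed_specs:
        return True                 # no -a at all: every remote sender is accepted
    src = ipaddress.ip_address(src_ip)
    for spec in allowed_specs:
        net, port = parse_allowed_peer(spec)
        if src in net and (port is None or port == src_port):
            return True
    return False


if __name__ == "__main__":
    # Constructed sample: the router at 10.10.10.2 sending from an ephemeral port.
    for specs in (["10.10.10.2"], ["10.10.10.2/32:*"], []):
        print(specs, accepts(specs, "10.10.10.2", 52311))
```

In this model "-a 10.10.10.2/32:*" keeps the collector restricted to the one router while accepting any source port, whereas starting syslogd with no -a logs datagrams from every host that can reach UDP port 514.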

 
 
 

1. syslogd got me stumped (trying to log Cisco router messages)

I am using Slackware version 1.2.13 and can't configure the syslogd to
accept messages from my Cisco router. I believe my Cisco is configured
correctly to relay messages to the IP address of my Linux box. I have also
checked network connectivity and all seems fine.

One problem I am having is finding documentation that does more than simply
mention that syslogd exists. I did look up the on-line help on syslog.config
but did not have much luck with it. Here are some specific questions:

1) Is there more thorough documentation somewhere that explains syslog in
detail?

2) Does syslogd have its own process or is it part of inetd? I only see
inetd when I use the ps command.

3) Is there a way to manually send a message to syslog to see if it is
working? By the way, the messages in my /var/adm/syslog seem to be old - not
logging anything new.

4) Does anyone have a Cisco configured to log to Linux? The Cisco doc
recommends the following modification to the syslog.config file:

     local7.debug                                    /var/adm/router.log

I have made this change but the /var/adm/router.log file was not created,
even though I had debug level trapping enabled on the Cisco. I then used the
touch command to create this file, in case it needed it to start logging to
it. Nothing. The file stays at 0 bytes.

Would appreciate some pointers.

--
 Please also copy my e-mail account.

 Charles Kerekes
