Advertisements
We will see how:
in a syslog-ng-2.1.4-9.el5 server, listening on port 514
Open the syslog-ng configuration file for editing:
[root@logs ~]# vim /etc/syslog-ng/syslog-ng.conf
#Declaring the input
source s_sys {
udp(ip(0.0.0.0) port(514));
};
#Declaring the destination file
destination d_custom { file("/var/log/devicemessages"); };
#Writing the rule to forward the input to file
log { source(s_sys); filter(f_default); destination(d_custom); };
#For forwarding this log to a different log server
destination graylog2 { udp("xxx.xxx.xxx.xxx" port(514)); };
log {
source(s_sys);
destination(graylog2);
};
Best Reads:
1. Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management
No comments:
Post a Comment
Be nice. That's all.