Re: How i can to collect all logs of unix server ? (122 Views)
Reply
Super Advisor
Mousa55
Posts: 663
Registered: ‎05-20-2007
Message 1 of 6 (122 Views)
Accepted Solution

How i can to collect all logs of unix server ?

Hi All,

I am installing RHEL 5.5 to be a syslog server to collects logs from servers (HP-UX, Linux, Windows and Cisco Network Devices).
and i can now collect logs from my windows PC on syslog linux server by using Datagram SyslogAgent software. but still i need your help to i can collect logs from HP-UX 11.23 server. and i configuring the Unix server as in the steps below:
====================================
1. Log in as root

2. Go to /etc/syslog.conf

3. Add a line: *.*@

*.* @10.15.1.5

4. Save and Close

# netstat -na | grep 514

tcp 0 0 *.514 *.* LISTEN
udp 0 0 *.514 *.*

5. Go to the /etc/hosts file (in case DNS is not configured or temporarily down)

Enter a line: Name

10.15.1.5 syslog

10. Now execute the following commands

/sbin/init.d/syslogd stop
syslogd -v
kill -HUP `cat /etc/syslog.pid`
/sbin/init.d/syslogd start
====================================
And only i see these logs when i try to telnet to syslog server from unix server

# telnet 10.15.1.5

"Dec 26 13:12:41 syslog xinetd[3186]: START: telnet pid=11657 from=10.8.1.69
Dec 26 13:12:44 syslog xinetd[3186]: EXIT: telnet status=0 pid=11657 duration=3(sec)"

How i can to collect all logs of unix server ?

Thanks
Trusted Contributor
Stephan._1
Posts: 90
Registered: ‎10-31-2002
Message 2 of 6 (122 Views)

Re: How i can to collect all logs of unix server ?

Hi,
try changing

*.* @10.15.1.5

to

*.debug@10.15.1.5

For the restart process

kill -HUP `cat /etc/syslog.pid`

is enough, it will reread it's configuration.

hth
Stephan
Share what you know, learn what you don't.
Super Advisor
Mousa55
Posts: 663
Registered: ‎05-20-2007
Message 3 of 6 (122 Views)

Re: How i can to collect all logs of unix server ?

Hi All,

Thanks Stephan, it is working now.

but how i can separate HP-UX logs about a windows server logs and about Cisco devices logs. I.e. each logs on path individually on Linux syslog server.

Very Thanks
Trusted Contributor
Stephan._1
Posts: 90
Registered: ‎10-31-2002
Message 4 of 6 (122 Views)

Re: How i can to collect all logs of unix server ?

Hi Nejad,
you need to configure it on your syslogd server.

I have no glue about Red Hat but on FreeBSD you need the following:

On the syslogd server - add for every client

+logclient.example.com
*.* /var/log/logclient.log

to /etc/syslog.conf.

Create the file (f.e. touch /var/log/logclient.log)

Restart syslog daemon.

Check the man page for right syntax on Red Hat.

hth
Stephan
Share what you know, learn what you don't.
Acclaimed Contributor
Dennis Handly
Posts: 25,285
Registered: ‎03-06-2006
Message 5 of 6 (122 Views)

Re: How i can to collect all logs of unix server ?

Super Advisor
Mousa55
Posts: 663
Registered: ‎05-20-2007
Message 6 of 6 (122 Views)

Re: How i can to collect all logs of unix server ?

Thanks i can now collect logs from all server
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.