From owner-freebsd-questions Thu Jan 16 3:17:39 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1A74C37B401 for ; Thu, 16 Jan 2003 03:17:37 -0800 (PST) Received: from pcwin002.win.tue.nl (pcwin002.win.tue.nl [131.155.71.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id E119043EB2 for ; Thu, 16 Jan 2003 03:17:35 -0800 (PST) (envelope-from stijn@pcwin002.win.tue.nl) Received: from pcwin002.win.tue.nl (orb_rules@localhost [127.0.0.1]) by pcwin002.win.tue.nl (8.12.6/8.12.6) with ESMTP id h0GBHVJB040469; Thu, 16 Jan 2003 12:17:31 +0100 (CET) (envelope-from stijn@pcwin002.win.tue.nl) Received: (from stijn@localhost) by pcwin002.win.tue.nl (8.12.6/8.12.6/Submit) id h0GBHVRk040468; Thu, 16 Jan 2003 12:17:31 +0100 (CET) Date: Thu, 16 Jan 2003 12:17:31 +0100 From: Stijn Hoop To: Bsd Neophyte Cc: freebsd-questions@freebsd.org Subject: Re: how do i log another device to syslog? Message-ID: <20030116111731.GD39407@pcwin002.win.tue.nl> References: <20030116104442.GB39407@pcwin002.win.tue.nl> <20030116110705.76103.qmail@web20102.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WChQLJJJfbwij+9x" Content-Disposition: inline In-Reply-To: <20030116110705.76103.qmail@web20102.mail.yahoo.com> User-Agent: Mutt/1.4i X-Bright-Idea: Let's abolish HTML mail! Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --WChQLJJJfbwij+9x Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 16, 2003 at 03:07:05AM -0800, Bsd Neophyte wrote: > --- Stijn Hoop wrote: > > See 'man syslog.conf'. You need to edit /etc/syslog.conf to tell syslogd > > to route all messages from a host to separate files. They will appear > > in /var/log, just like your 'regular' logs from syslog (ie > > /var/log/messages, > > /var/log/security etc). >=20 > i have, and the explanation is extremely cryptic. I concur, it isn't simple. The following is untested but it appears that it should work from my reading of the manpage (unfortunately, although I do intend to use this setup sometime, I don't have time right now to test it). Append this to your /etc/syslog.conf and kill -HUP syslogd: +remotehost *.* /var/log/remotehost And then see if /var/log/remotehost gets filled. > it seems that i'm having other issues as well. >=20 > this is what i'm now running for syslogd: >=20 > syslogd -v -a x.x.x.x/11:syslog -a x.x.x.x/24:syslog That looks good. > when i do netstat -a, i see the following for syslogd: >=20 > ------------ > udp4 0 0 *.syslog *.* > ------------ >=20 > it's state is blank. So it is listening for other messages, that's also good. > so right now, nothing is happening. i constantly check /var/log/messages > to see if anything new appeared from either host, but the box doesn't seem > to be logging anything. I guess it needs to be told specifically to log messages from the box. Try the above and let me know, it will be helpful for me as well :) BTW, for testing, check out logger(1) -- you can use it to send test messages to syslogd (and thus across the network). --Stijn --=20 Help Wanted: Telepath. You know where to apply. --WChQLJJJfbwij+9x Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+JpTLY3r/tLQmfWcRAoPNAKCadtT1k55x58WopdFIUqVQsOvwHACcCzad Y+Q4lyzE0IndSgGDgp4jLW4= =EtOl -----END PGP SIGNATURE----- --WChQLJJJfbwij+9x-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message