Date:      Thu, 28 Jun 2001 23:24:32 -0500
From:      Mike Meyer <mwm@mired.org>
To:        Drew Tomlinson <drewt@writeme.com>
Cc:        questions@freebsd.org
Subject:   RE: How To Receive Syslog Messages From Another Device?
Message-ID:  <15164.768.944327.747606@guru.mired.org>
In-Reply-To: <5CD46247635BD511B6B100A0CC3F0239259FD5@ldcmsx01.lc.ca.gov>
References:  <15161.2940.652129.5196@guru.mired.org> <5CD46247635BD511B6B100A0CC3F0239259FD5@ldcmsx01.lc.ca.gov>

Drew Tomlinson <drewt@writeme.com> types:
> > From: Mike Meyer [mailto:mwm@mired.org]
> > Drew Tomlinson <drewt@writeme.com> types:
> > > I have a 3Com ADSL router for my home network.  I have found that it
> > > (according to the docs) has the capability to send log messages to syslogd
> > Hmm - it works fine for me, without the ":*" as I'm going from FBSD to
> > FBSD. You do need to make sure that syslogd is started without "-s",
> > as that causes it to ignore the -a. If syslog is sending packets
> > from the syslog udp port, you might try dropping the ":*".
> Thanks for your response.  I'm still a newbie but learning. :)  I recall
> when I set up ntpd that to get log messages, I had to put an entry in
> syslog.conf that was something along the lines of:
> ntp.info                                        /var/log/ntp.log
> Where ntp is the "name" (for lack of a better word) of the program sending
> the message and info is the level at which to log.  The file spec is the
> file to log to.

According to the documentation, that's "the selector field which
specifies the types of messages and priorities". The program name can
be selected for with the "!progname" construct. As far as I can tell,
there isn't any way to select on hostname.

> So I assume I need the "name" of the messages coming from my router and add
> a similar line to syslog.conf.  Would this be correct?  I've called 3Com to
> get this "name" and all they could do was point me to some freeware syslog
> daemons for Windows.

That would certainly help. Unfortunately, I have no idea what the
selector values should be in this case.

> > If nothing else works, enable a firewall on the destination box set to
> > log everything, and see what's getting sent to it.
> So if I do this, will I see the "name" I need above?  What are some good "how
> to's" for doing this?  I assume there's something in the handbook.  Anywhere
> else you'd recommend I look?

Unfortunately, no. That will get you the IP address and UDP port it's
from and to. Here's an example from my log file:

Jun 17 10:49:17 guru /kernel: ipfw: 65534 Deny UDP 192.168.1.129:67 255.255.255.255:68 in via fxp0

That's from IP 192.168.1.129 UDP port 67 to IP 255.255.255.255 (anyone
listening, which is why I'm getting it) UDP port 68.

I can't think of any way to get the selector info, except for
documentation from 3Com. Check the docs on their Windows daemon, and
see if it has that facility, or otherwise mentions it. If it does and
documents it, you're done. If it does and doesn't document it, you
have something to point out when you call them next. If it doesn't
document it, I don't know where to turn.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
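
Added example, not part of the original message: every syslog datagram starts with a `<PRI>` number equal to facility * 8 + severity, so the selector for syslog.conf can be read from the raw UDP payload the device sends. The sample payloads, the function names and the log file path are assumptions constructed for illustration.

```python
import re

# Facility codes as numbered in FreeBSD's <sys/syslog.h>; code 15 has no name.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "security",
              "console", None] + [f"local{i}" for i in range(8)]
# Index = severity code; 0 is the most severe, 7 the least.
LEVELS = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"<(\d{1,3})>")


def decode_pri(payload: bytes):
    """Return (facility, level) from the <PRI> prefix of a raw syslog datagram."""
    m = PRI_RE.match(payload)
    if m is None:
        raise ValueError("datagram does not start with <PRI>")
    pri = int(m.group(1))
    fac, sev = pri >> 3, pri & 7          # PRI = facility * 8 + severity
    if fac >= len(FACILITIES) or FACILITIES[fac] is None:
        raise ValueError(f"facility code {fac} has no syslog.conf name")
    return FACILITIES[fac], LEVELS[sev]


def syslog_conf_lines(payloads, logfile):
    """One selector line per facility seen, at the least severe level observed.

    syslog.conf selectors match the named level and everything more severe,
    so the least severe level seen covers every sampled message.
    """
    lowest = {}
    for p in payloads:
        fac, level = decode_pri(p)
        if fac not in lowest or LEVELS.index(level) > LEVELS.index(lowest[fac]):
            lowest[fac] = level
    return [f"{fac}.{lvl}\t{logfile}" for fac, lvl in sorted(lowest.items())]


# Constructed sample payloads (not real 3Com output).
SAMPLES = [
    b"<174>router: PPP link established",   # 174 = 21*8 + 6 -> local5.info
    b"<171>router: admin login failed",     # 171 = 21*8 + 3 -> local5.err
    b"<29>router: configuration saved",     # 29  =  3*8 + 5 -> daemon.notice
]

if __name__ == "__main__":
    print("\n".join(syslog_conf_lines(SAMPLES, "/var/log/router.log")))
```

The payload bytes are what a packet capture shows as the UDP data of a datagram sent to the syslog port.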
