Transfering syslogs to a loghost
All, I was hoping that someone can answer this quick question for me... I am setting up a loghost where all syslogs will be transfered to. I have already made the changes to all of the remote systems (adding the @), but I am having a problem with the loghost system not receiving the logs. I changed the syslog daemon to add the '-r' switch, but my other systems are still showing the following error...: syslogd: sendto: Connection refused However, when I run netstat -a on the loghost, the syslog daemon is listening... What am I missing? Thanks :-) ============================================ Drew J. Como Phone: 631-434-6600 Systems Administrator Fax: 631-434-7800 dcomo@bascom.com Web: www.bascom.com Bascom Global Internet Services, Inc. -------------------------------------------- "When quality is the goal, winning is guaranteed."
* Drew J. Como wrote on Wed, Mar 20, 2002 at 17:10 -0500:
to all of the remote systems (adding the @),
did you used an IP or a name? Is it in /etc/hosts? I would recommend to not use DNS here.
the logs. I changed the syslog daemon to add the '-r' switch,
This of course on the loghost only. The @ entries are needed by the loggers ("clients").
but my other systems are still showing the following error...: syslogd: sendto: Connection refused
Make a tcpdump (-n -i <ethX> port 615, or what port this was) and make an strace to get an idea about what sendto failed. Maybe you have a firewall between? It may reject the packets.
However, when I run netstat -a on the loghost, the syslog daemon is listening...
And no client remote logs at all, yes? oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (3)
-
Drew J. Como
-
John Trickey
-
Steffen Dettmer