How do I run multiple syslogd daemons in SuSE Linux 9.1 Pro?
I have a Dell PE1750 running SuSE Linux 9.1 Pro, which I'd like to turn into a syslog server. Since I can only have 8 local facilities (local0 - local7), which are not enough for all the devices we have on the network, I need to run multiple syslogd daemons. Is this feasible, & how do I do it? Any info you can provide will be greatly appreciated. Peter Escudero
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Escudero, Peter Louis schrieb:
I have a Dell PE1750 running SuSE Linux 9.1 Pro, which I'd like to turn into a syslog server. Since I can only have 8 local facilities (local0 - local7), which are not enough for all the devices we have on the network, I need to run multiple syslogd daemons. Is this feasible, & how do I do it? Any info you can provide will be greatly appreciated.
Peter Escudero
I would do as follows: Possibility one: syslog offers sortalgorithms for sorting text into logfiles files sort entries by host in their own logs. Possibility two: Let syslog log all into one file or the normal setup files and sort later with a logparser, like analog or whatever you like. the output is much smaller, than the whole logfile. !!!Be careful!!! With this setup you have to rotate more often than normal and then run logparser on the gzipped file after it has been rotated (script needed). I hope this helps. Reguards Philippe - -- Diese Nachricht ist digital signiert und enthält weder Siegel noch Unterschrift! Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQD1AwUBQlW20kNg1DRVIGjBAQLiCQcAtKBx3fNKH7dijR1ZXtD60kbgTn7/+G32 uZdyOboVN+twCP9fKVNZ28vN5hm66ksicuiCHz+PR2xdcAB9b6zChVM6e9DQtItI s4PgSzXHh5vsu3aWYgGYDx+dAoLtYTW9R+b3ju8NAg8yHDrqG68fsXVFTCGg4Ods Laz29X7g/j+HBQgpNAagWcyIF0dPeM1Rcs0YeVOOIINkvOl0MInKUC++TIsNL5qF p6OSROK5rtXw1O8vQN+2TyQFMkPsiPg/iwMxLuA10u3BmArtOU8KjNJX/pqtJrFw 2hbD+UEpt08= =qRBz -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Philippe Vogel schrieb:
Escudero, Peter Louis schrieb:
I have a Dell PE1750 running SuSE Linux 9.1 Pro, which I'd like to turn into a syslog server. Since I can only have 8 local facilities (local0 - local7), which are not enough for all the devices we have on the network, I need to run multiple syslogd daemons. Is this feasible, & how do I do it? Any info you can provide will be greatly appreciated.
Peter Escudero
I would do as follows:
Possibility one:
syslog offers sortalgorithms for sorting text into logfiles files sort entries by host in their own logs.
Possibility two:
Let syslog log all into one file or the normal setup files and sort later with a logparser, like analog or whatever you like. the output is much smaller, than the whole logfile.
!!!Be careful!!!
With this setup you have to rotate more often than normal and then run logparser on the gzipped file after it has been rotated (script needed).
I hope this helps.
I fond this: http://gd.tuwien.ac.at/linuxcommand.org/man_pages/sysklogd8.html There is an option for syslog: *-l* /hostlist/ Specify a hostname that should be logged only with its simple hostname and not the fqdn. Multiple hosts may be specified using the colon (??:??) separator. - -- Diese Nachricht ist digital signiert und enthält weder Siegel noch Unterschrift! Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt! - -- Diese Nachricht ist digital signiert und enthält weder Siegel noch Unterschrift! Die unaufgeforderte Zusendung einer Werbemail an Privatleute verstößt gegen §1 UWG und 823 I BGB (Beschluß des LG Berlin vom 2.8.1998 Az: 16 O 201/98). Jede kommerzielle Nutzung der übermittelten persönlichen Daten sowie deren Weitergabe an Dritte ist ausdrücklich untersagt! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQD1AwUBQlW5C0Ng1DRVIGjBAQIG3wb/d7xyHjd7djjpgNdDfWNdmt57tMcXzuDr YViYpcq+4IcR08WNpTai+RG5Am5+w2adjXDLormGcuqJ/PBo36wUrzYdHC8YgsHs Rv+xNS5QMgae3+rNBx60FSaHkQ6TvkQOzhfMjIK/rZGDHZVRNL/DinbgIUghfP7k aq//DRo4u58n5EcKR4hRMLPSm763O4ftu8FABNRrnAzHvAghw/AltJIHP7x2634G s3nMcaLkKqtGZIx0DpbNqCFJwWWOSMF0/8VjRcQ8ie9zERdJztonVIrJS9YXZBLP e62MsIXE4QE= =DoU0 -----END PGP SIGNATURE-----
You want to read man syslog-ng. Dirk Escudero, Peter Louis schrieb:
I have a Dell PE1750 running SuSE Linux 9.1 Pro, which I'd like to turn into a syslog server. Since I can only have 8 local facilities (local0 - local7), which are not enough for all the devices we have on the network, I need to run multiple syslogd daemons. Is this feasible, & how do I do it? Any info you can provide will be greatly appreciated.
Peter Escudero
TRIA IT-consulting GmbH Joseph-Wild-Straße 20 81829 München Germany Tel: +49 (89) 92907-0 Fax: +49 (89) 92907-100 http://www.tria.de -------------------------------------------------------- working hard | for your success -------------------------------------------------------- Registergericht München HRB 113466 USt.-IdNr. DE 180017238 Steuer-Nr. 802/40600 Geschäftsführer: Richard Hofbauer kaufm. Geschäftsleitung: Rosa Igl -------------------------------------------------------- Nachricht von: Dirk.Schreiner@tria.de Nachricht an: peterlouis.escudero@eds.com, suse-security@suse.com # Dateianhänge: 0 Die Mitteilung dieser E-Mail ist vertraulich und nur für den oben genannten Empfänger bestimmt. Wenn Sie nicht der vorgesehene Empfänger dieser E-Mail oder mit der Aushändigung an ihn betraut sind, weisen wir darauf hin, daß jede Form der Kenntnisnahme, Veröffentlichung, Vervielfältigung sowie Weitergabe des Inhalts untersagt ist. Wir bitten Sie uns in diesem Fall umgehend zu unterrichten. Vielen Dank The information contained in this E-Mail is privileged and confidental intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient or competent to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this E-Mail is strictly prohibited. If you have received this E-Mail in error, please notify us immediately. Thank you
participants (3)
-
Dirk Schreiner
-
Escudero, Peter Louis
-
Philippe Vogel