If you're using a newer version of syslogd you may need to pass it the -r parameter (for the logging machine). I think SYSLOGD_PARAMS="-r" in /etc/rc.config on the logging machine should work William Raffy wrote:
If I remeber you can log to another machine by editing /etc/syslog.conf
Yes, for example:
kern.debug,user.info,syslog.info @loggingmachine
Make sure that loggingmachine is known by the box (make an entry in the hosts-file).
Cheers
Raffy
On Fri, 15 Dec 2000, Roman Ernst wrote:
Hi...
what would be the best way to centralize the loging of about 15 firewalls onto one single machine (so... maybe crontab entry moving the logs to this single machine?)
and... which tools could I use on this machine to analyze these log files automatically?
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com