RE: Syslog Server on Debian Etch
Syslog was working fine on the clients, I had it installed to a diff
linux server and was trying to move it over. The issue was the location
of the sysklogd file. The walkthough I found told me to modify the
/etc/init.d/sysklogd file, when it should have been the
/etc/default/syslogd file.
The syslog service is now running, listening on the correct port, and
receiving messages from the Juniper firewall, but it's going to the
/var/log/syslog file instead of the file I've indicated for the
filename, /mnt/hdb1/syslog/logfilename.log
Is anyone else monitoring Juniper Netscreen firewalls? Is there
something other than local7.debug I should be using to send it to the
logfile I want?
Thanks.
-----Original Message-----
From: Douglas A. Tutty [mailto:dtutty@porchlight.ca]
Sent: Tuesday, November 06, 2007 8:17 AM
To: debian-user@lists.debian.org
Subject: Re: Syslog Server on Debian Etch
On Tue, Nov 06, 2007 at 08:05:39AM -0700, Joel Roberts wrote:
> I'm trying to configure a syslog server on Debian Etch, but so far the
> only walkthrough I've found is for Debian Sarge. The walkthrough says
to
> modify the /etc/init.d/sysklogd file at the line that says: SYSLOGD=""
> and change it to SYSLOGD="-r -m0"
>
> There is no such line in the sysklogd file. I added it, but it doesn't
> seem to be logging. Have stopped and restarted the service, rebooted
the
> server and still my log file is at 0 bytes.
>
> In the /etc/syslog.conf, I added the line:
>
> Local7.debug /mnt/hdb1/syslog/logfilename.log
>
> And it did automatically create the file, but nothing's going into it
> from either the Netscreen firewall or the test Windows server. And I
> don't see anything listening on port 514 with a netstat.
>
> Anyone know a way to jumpstart it to get it running? Thanks in
advance.
>
On the sending machine, you put something like:
*.* @logger.my.domain
On the receiving hosts, syslogd needs the -r parameter.
This is placed in /etc/default/syslogd
You'll also have to open the appropriate port in any firewall (both on
the reciving and sending boxes).
Then I'd reboot all systems; the logger server first, followed by the
logger clients.
Doug.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: