Re: [logs] SYSLOG "forwarding"

From: Jay D. Dyson (jdyson@private)
Date: Fri Jan 28 2005 - 12:37:10 PST


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 28 Jan 2005, R. Benjamin Kessler wrote:

> I have a server with stock (linux) syslog running on it that collects 
> logs from network devices.  In addition to storing them locally, I'd 
> also like to forward or "relay" these messages to another destination 
> and I'm having some problems.
>
> I've added the following line to the syslog.conf file:
>
> local7.*	@10.192.4.28
>
> And bounced the process but that doesn't seem to have had any impact.
>
> Any clues as to what I'm doing wrong here?

 	The line from your syslog.conf seems logical, so we need to 
explore other possible complications.

 	Is the syslogd service at 10.192.4.28 listening on 514/UDP? 
Also, what -- if any -- services are typically sending log output at the 
local7 level?  Moreover, is the system you're trying this on also sitting 
on an RFC1918 non-routable address LAN using 10/8?

 	Once we have answers on those questions, we can proceed in 
narrowing down where the major malfunction is.

- -Jay

    (    (                                                        _______
    ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
  C|~~|C|~~| (>----- Jay D. Dyson -- jdyson@private -----<) |    = |-'
   `--' `--'  `--------------- Nil sine Domini. ---------------'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQFB+qKBBYoRACwSF0cRAnG2AJ4mH+tRfVwelFqbj1Q422D0T6GieACfR9h7
RqRBWTyy9Z6m+Em6HOw6R7M=
=J7cK
-----END PGP SIGNATURE-----
_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis



This archive was generated by hypermail 2.1.3 : Fri Jan 28 2005 - 16:34:51 PST