OK, I guess I'm just brain dead here because here's what I'm seeing now... +--------+ +---------+ +---------+ | Router |-----| Server1 |-----| Server2 | +--------+ +---------+ +---------+ Router sends syslog to server1, server1 sees the message, logs it locally and forwards it to server2. That's all well and good. However, the log entry on server1 says that it's from 'router' - what I want to see; the log entry on server2 says that it's from 'server1' - not what I want to see. Am I missing a parameter here? I want server1 to just "bounce" the messages to server2 without changing them in any way. If anyone knows what I'm missing I would appreciate a point in the right direction. Thanks in advance. Ben -----Original Message----- Sent: Friday, January 28, 2005 4:42 PM To: Log Analysis Mailing List Subject: RE: [logs] SYSLOG "forwarding" Thanks to all of those that have sent me suggestions off-list. It appears that my problem was that I was missing the "-h" from the syslogd options on startup. Yes, I'm running a fairly old version of syslog. Thanks again for everyone's input. Ben -----Original Message----- Sent: Friday, January 28, 2005 2:34 PM To: Log Analysis Mailing List Subject: [logs] SYSLOG "forwarding" Hi all, I have a server with stock (linux) syslog running on it that collects logs from network devices. In addition to storing them locally, I'd also like to forward or "relay" these messages to another destination and I'm having some problems. I've added the following line to the syslog.conf file: local7.* @10.192.4.28 And bounced the process but that doesn't seem to have had any impact. Any clues as to what I'm doing wrong here? Thanks, Ben _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Sat Jan 29 2005 - 10:43:56 PST