Alankellyeire
11-08-19, 02:20
Hey,
I am trying to configure syslogd to forward the logs to another host but am unable to get it working
from what i can see in the "/etc/init.d/syslog" it looks like it is pulling the config from "/etc/syslog-startup.conf" but after adding my remote host like below the logs are not being sent.
# This configuration file is used by the busybox syslog init script,
# /etc/init.d/syslog[.busybox] to set syslog configuration at start time.
DESTINATION=file # log destinations (buffer file remote)
LOGFILE=/var/log/messages # where to log (file)
REMOTE=192.168.0.30:514 # where to log (syslog remote)
REDUCE=no # reduce-size logging
DROPDUPLICATES=no # whether to drop duplicate log entries
#ROTATESIZE=0 # rotate log if grown beyond X [kByte]
#ROTATEGENS=3 # keep X generations of rotated logs
BUFFERSIZE=64 # size of circular buffer [kByte]
FOREGROUND=no # run in foreground (don't use!)
LOGLEVEL=5 # local log level (between 1 and 8)
I am sniffing the traffic from engima2 device and i can not see any traffic being sent out on port 514 after restarting syslog and rebooting the box.
Any idea where i should specifily the remote host. I have also tired adding the remote host to this "/etc/syslog.conf" in the usual syslog format but no luck with that either.
# /etc/syslog.conf Configuration file for busybox's syslogd utility
*.* @192.168.0.30
On another note I dont see any auth logs. is there a way to enable this
I am trying to configure syslogd to forward the logs to another host but am unable to get it working
from what i can see in the "/etc/init.d/syslog" it looks like it is pulling the config from "/etc/syslog-startup.conf" but after adding my remote host like below the logs are not being sent.
# This configuration file is used by the busybox syslog init script,
# /etc/init.d/syslog[.busybox] to set syslog configuration at start time.
DESTINATION=file # log destinations (buffer file remote)
LOGFILE=/var/log/messages # where to log (file)
REMOTE=192.168.0.30:514 # where to log (syslog remote)
REDUCE=no # reduce-size logging
DROPDUPLICATES=no # whether to drop duplicate log entries
#ROTATESIZE=0 # rotate log if grown beyond X [kByte]
#ROTATEGENS=3 # keep X generations of rotated logs
BUFFERSIZE=64 # size of circular buffer [kByte]
FOREGROUND=no # run in foreground (don't use!)
LOGLEVEL=5 # local log level (between 1 and 8)
I am sniffing the traffic from engima2 device and i can not see any traffic being sent out on port 514 after restarting syslog and rebooting the box.
Any idea where i should specifily the remote host. I have also tired adding the remote host to this "/etc/syslog.conf" in the usual syslog format but no luck with that either.
# /etc/syslog.conf Configuration file for busybox's syslogd utility
*.* @192.168.0.30
On another note I dont see any auth logs. is there a way to enable this