Logging, Syslog and Log Anaylsys Forums
July 30, 2010, 09:47:25 pm *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News:
   Home   WIKI BLOG Help Search Recent Topics GoogleTagged Login Register  
Pages: [1]
« previous next »
  Print  
Author Topic: Syslog-ng configuration problem help  (Read 1106 times)
capricorn80
Newbie
*
Offline Offline

Posts: 28


View Profile
« on: September 30, 2009, 03:57:10 pm »
 Hi !
 I have setup my syslog-ng. Its receiving some logs but its not functioning properly. I am using two IP addresses for this purpose. On one IP it will listen from different servers and on other IP address it will listen from Network stuff. This is my configuration
---------------------------------
source s_network_1 {udp(ip(10.2.2.1) port(514));};
# Define all the sources of network generated syslog
# messages and label it "s_network_2"
source s_network_2 {udp(ip(10.2.2.4) port(514));};

# Define the destination "d_network_1" log directory
destination d_network_1 {
          file ("/var/log/syslog-ng/servers/$YEAR.$MONTH.$DAY/$HOST/$FACILITY.log");
};

# Define the destination "d_network_2" log directory
destination d_network_2 {
          file ("/var/log/syslog-ng/network/$YEAR.$MONTH.$DAY/$HOST/$FACILITY.log");
};

# Define the destination "d_network_2B" log directory
destination d_network_2B {
          file ("/var/log/syslog-ng/network/all/network.log");
};

# Any logs that match the "s_network_1" source should be logged
# in the "d_network_1" directory

log { source(s_network_1);
      destination(d_network_1);
};

# Any logs that match the "s_network_2" source should be logged
# in the "d_network_2" directory

log { source(s_network_2);
      destination(d_network_2);
};

# Any logs that match the "s_network_2" source should be logged
# in the "d_network_2B" directory also

log { source(s_network_2);
      destination(d_network_2B);
};

-----------
If i check on the syslog-ng folder . I can see that there is a folder created in /var/log/syslog-ng/ with name server is created and its taking log from some cisco devices. I will correct that from client side and i will point my network devices to 10.2.2.4. But the problem is that there is no folder with name network in /var/log/syslog-ng/.
I dont know why its not creating the network folder.

Please help me in this issue.

Regards,
Logged
Admin
Administrator
Newbie
*****
Online Online

Posts: 146


View Profile WWW
« Reply #1 on: September 30, 2009, 08:28:07 pm »
I don't think the directory "network" will be created until syslog-ng has something to write under that directory tree.
Logged
capricorn80
Newbie
*
Offline Offline

Posts: 28


View Profile
« Reply #2 on: October 02, 2009, 09:42:04 am »
Thanks its working fine now.
Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC | Sitemap Valid XHTML 1.0! Valid CSS!