syslog-ng + webmin for remote logging on ubuntu

[xlancealotx]

ok, 1st post as I'm still new with syslog-ng.  I am using ubuntu9, have 7 webservers which I wish to centrally log.  I have a seperate u9 machine running webmin also, and both have webmin running with the syslog-ng module intstalled.

Now here is where I am stuck. 
1. Does the server install/start out of the box listen for client machines to write to him or do you have to allow? 
A ps on the server shows;   Ss   15:27   0:00 /usr/sbin/syslog-ng -p /var/run/syslog-ng.pid

2. Client machine.  Now a little confused using the webmin mod (even worse looking at command line).  So in webmin, I went to log source, created my 1st, called it domain.com-access.  I then checked (not sure on this) the stream socket checkbox, put in the logfile name (under /var/log/apache2/doman-access_log)  Saved, went to log destination, said new, added a name, then at the bottom hit the syslog radio button, entered the IP and saved.  Lastly, went to log targets, said add new, named it, not sure what (if any) to check and then seleceted the new destination file created earlier.

Applied (saw the restart) but not sure how to debug, etc.  As the local is still writing (not sure if it will or not) but nothing on the server side.  Again, not sure where it would write the file on the remote server, is the same the same from the apache config file, etc.

Again, pretty new at syslog, so any help is appreciated.  If I need to provide more, just let me know what and I will.

Thanks.

[Admin]

1.  By default, syslog-ng won't accept messages from the network, but unlike the other syslogd's, it's not a command line switch; it's a directive in the syslog-ng.conf file.

2.  I'm not really sure what webmin is doing.  can you post the syslog-ng.conf file for both the client and the server that was created by webmin?

[xlancealotx]

Thanks, due to the size, I don't see a file attach in the forum I will stick them on one of my webservers so use the 2 links below.  As for #1, I didn't see a directive to say "allow remote" or anything, but there is a lot to look at.  Anyway, here are the 2 files.

http://www.darkerforce.com/syslog_server.conf
http://www.darkerforce.com/syslog_client.conf

Now as I said, I did this all in webmin, so not sure what they do/don't do as a standard.  I am usually not a fan of gui tools, but failed on syslog-ng so many times in the past thought I would join a forum and try webmin 

Thanks.

[mutex]

I installed webmin to see what it looked like.  You will want to go to "log sources", then "add a new log source".  There you can pick the UDP server.  Restart it and it should be able to receive logs.