Help with syslog
der.hans
PLUGd at LuftHans.com
Thu Jun 21 02:03:28 MST 2007
Am 20. Jun, 2007 schwätzte Bryan O'Neal so:
moin moin Bryan,
> I have a dozen or so devices that shoot me syslog info and, I will
> admit, up until now I have been using a windows box as my syslog server.
> Now I want to use my linux box. I have two nicks in my linux box and I
> pointed my devices to the IP of eth0. I then added local0.* through
> local6.* to my syslog.conf and pointed them to respective logs. I
> restarted syslog (service syslog restart) and eagerly awaited
> information, but none arrived.
Is your syslog server listening for external syslog entries?
# For remote UDP logging use SYSLOGD="-r"
That's in /etc/default/syslogd on my box.
If you've got the -r set, you might want to verify that syslog is
listening to UDP port 514 on eth0.
After that make sure you don't have any firewall rules preventing
receiving the packets.
If all of that is good use tcpdump/wireshark/etc. on the client box to
investigate the packets being sent.
ciao,
der.hans
--
# https://www.LuftHans.com/ http://www.CiscoLearning.org/
# "I decry the current tendency to seek patents on algorithms. There are
# better ways to earn a living than to prevent other people from making use
# of one's contributions to computer science." -- Donald E. Knuth
More information about the PLUG-discuss
mailing list