On 12/05/2011 12:40 AM, Scott A. Johnson wrote:
> Anyone have any experience setting up remote syslogg'ing? I've spent
> the better part of today following several "how to" guides with
> syslog-ng and am looking for pointers, best practices, or a how-to
> that is confirmed current/working. :)
>
> Many thanks.
>
I would recommend looking into rsyslog instead of syslog-ng, they are
both good, but rsyslog is increasingly being integrated with
distributions and seems to be a bit more open. I would further recommend
using TCP as your transport to provide a bit more reliability over UDP
and depending on your security needs perhaps using TLS to cover your
transport.
All that being said the setup is usually pretty simple, configure the
server, open the port, configure the client, make sure the client is
sending to the server and that should be it. The syntax, at least for
rsyslog, is pretty simple:
*.* @@rsyslog.server.net #tcp
*.* @rsyslog.server.net #udp
For the server:
$InputTCPServerRun <Your chosen port number here>
And as long as you can telnet from the client to the server at the port
chosen it "should work". But you know how things go...
Mainly what you will run into is problem on the network side, firewalls
etc.
-Erinn
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Dec 5 04:40:57 2011
This archive was generated by hypermail 2.1.8 : Mon Dec 05 2011 - 04:40:58 AKST