skip to main content
Configuring Clients : UNIX Machines
   
UNIX Machines
 
syslogd
syslog-ng
Sending Text Files to LogServer
 
A UNIX machine has built-in support for syslog and hence you do not need to install any extra software.
 
syslogd
 
On most systems, you will find a config file callet /etc/syslog.conf - this is where you enter the host name or IP address of your op5 LogServer host.
If your op5 LogServer host is on IP address 172.16.32.64, and you want to forward all facilities to it, append the following to /etc/syslog.conf and restart your syslog daemon:
*.* @172.16.32.64
Some systems do not understand *.* - if this is the case you have to enter all facilities separatly.
auth.*
@172.16.32.64
authpriv.*
@172.16.32.64
cron.*
@172.16.32.64
daemon.*
@172.16.32.64
ftp.*
@172.16.32.64
kern.*
@172.16.32.64
lpr.*
@172.16.32.64
mail.*
@172.16.32.64
mark.*
@172.16.32.64
news.*
@172.16.32.64
security.*
@172.16.32.64
syslog.*
@172.16.32.64
user.*
@172.16.32.64
uucp.*
@172.16.32.64
local0.*
@172.16.32.64
local1.*
@172.16.32.64
local2.*
@172.16.32.64
local3.*
@172.16.32.64
local4.*
@172.16.32.64
local5.*
@172.16.32.64
local6.*
@172.16.32.64
local7.*
@172.16.32.64
Note that on some systems, notably Solaris, the blank between the facility and the reciving host has to be made up of tabs, not spaces.
For details on how to configure syslog.conf, please refer to the manual:
man syslog.conf
syslog-ng
 
More and more clients uses syslog-ng for sending syslog messages to a loghost.
If you use syslog-ng you can benefit from the stability to use tcp connection instead of the standard udp.
 
Sample /etc/syslog-ng/syslog-ng.conf to setup logging to loghost:
# all known message sources
source s_all {
# message generated by Syslog-NG
internal();
# standard Linux log source (this is the default place for the syslog()
# function to send logs to)
unix-stream("/dev/log");
# messages from the kernel
file("/proc/kmsg" log_prefix("kernel: "));
};
 
destination d_loghost {
tcp("172.16.32.64" port(514));
};
 
# send everything to loghost
log {
source(s_all);
destination(d_loghost);
};
 
Sending Text Files to LogServer
 
Some applications do not send their logs to syslog, but store them in a file on disk.
Most applications can be configured to use syslog, and changing the configuration of those applications should be your first hand choice.
Another option is using tail and logger to read the log file, and sen appended lines to syslog. This command will read /var/log/myapp.log and send it to syslog as facility daemon and severity info.
 
tail -f /var/log/myapp.log | logger -p daemon.info
 
You can use a command like the one above for your application, and make sure it is executed in reboot - on many systems this can be done by placing the command in /etc/rc.local.