I’m forwarding all syslog events to papertrailapp.com, and they are identified as sent by localhost. It’s not convenient, since I have a few servers and all of them are localhost-s. How can I configure syslog on every machine to have their own unique names? Asked by yegor256 You can fix that by setting the hostnames for these computers. (r)Syslogd does not have a option to set a hostname to transmit/log- Answered by Bonsi Scott Check [...]

i’m attempting to set up my ec2 instance (running amazon linux which as i understand is built on RHEL 5) to forward log messages to loggentries.com but nothing is getting forwarded. as a sanity check i followed the instructions in this article to set up another ec2 instance as the central server and found that messages are not being received. So I tried executing logger -p cron.info TEST on the client machine and found nothing [...]

I’m having a problem using syslog drains as described in https://devcenter.heroku.com/articles/logging. To summarize, I have an Ubuntu 10.04 instance on EC2 that is running rsyslogd. I’ve also set up the security groups as they describe, and added a syslog drain using a command like heroku drains:add syslog://host1.example.com:514. I can send messages from the Heroku console to my rsyslogd instance via nc. I see them appear in the log file, so I know there isn’t a [...]

I have odd problem with syslog local7, my syslog configure the syslog to be written to local7.info /var/log/syslog_info it’s working just fine for years but recent days one device syslog message written on console and I don’t know why this one device syslog on console but other hundreds of devices syslog still written on the file. my question question is how I can stop that? i need syslog from that device so i don’t want [...]

How can syslog-ng be configured to send both the hostname and the IP address. Currently, logs are sent with the IP address of the device/machine, but we want to add the hostname so I could keep my ip management database up to date with the correct hostname (no, I don’t use DHCP ) Asked by Ed Gl If you are sending from one syslog-ng server to another, just add the keep_hostname(yes) option. If you are [...]

I am trying to determine if my Syslog Collector I just set up in vCenter 5 is working correctly. According to this VMware KB article and this VMware blog article, everything seems to be up and running but I don’t see any data in the data folder. Things I have checked: The Windows firewall on vCenter has the ports set to allow inc from the Syslog Collector. The service is running The directories are there, [...]

We have a syslog server and we have all our servers logging to it. We want a sort of “catch-all” drippan rule for all remote messages that we have not configured a rule for. Anyone know how to accomplish this? Asked by Beaming Mel-Bin So this is how I configured this in rsyslog.conf: # Log remote hosts to separate log file $template PerHostLog,”/var/log/remote-hosts/%HOSTNAME%.log” $template RemoteHostFileFormat,”%TIMESTAMP% %HOSTNAME% %syslogfacility-text% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::space-cc,drop-last-lf%\n” :inputname, isequal, “imudp” ?PerHostLog;RemoteHostFileFormat & ~ This [...]

I have an Apache httpd 2.2 server. I want to log all messages using syslog, so that the requests are sent to our central syslog server. I also want to ensure that all log messages are sent to local disk, so that a sysadmin can have easy access to the log files on the local system. It is easy to send HTTP access logs to both the local disk and to syslog. One common method [...]

I’m running Ubuntu and Postgresql 9. I’ve enabled postgresql to log to syslog, and added the following directive to the config file: syslog_facility = ‘local0′”. I’ve tried to configure syslog to log those to a separate file, but that filed. I updtated /etc/syslog.conf so it contains (see last line for the postgresql-directive) auth,authpriv.* /var/log/auth.log *.*;auth,authpriv.none -/var/log/syslog daemon.* -/var/log/daemon.log kern.* -/var/log/kern.log lpr.* -/var/log/lpr.log mail.* -/var/log/mail.log user.* -/var/log/user.log mail.info -/var/log/mail.info mail.warn -/var/log/mail.warn mail.err /var/log/mail.err news.crit /var/log/news/news.crit news.err [...]

I’m currently working on setting up some secure syslog connections between a few Fedora servers. This is my currently setup 192.168.56.110 (syslog-server) <—-> 192.168.57.110 (syslog-agent) From the agent, I am running this command: ssh -fnNTx -L 1514:127.0.0.1:514 syslog_user@192.168.56.110 This works just fine. I have rsyslog on the syslog-agent pointing to @@127.0.0.1:1514 and it forwards everything to the server correctly on port 514 via the tunnel. My issue is, I want to be able to lock [...]