[plug] network log reporting

wolfbite wolfbite.aus at gmail.com
Wed Jun 22 23:42:04 WST 2011


Thanks, that seems to be a push in the right direction

BUT :)

confirmed syslog server working
can receive test from other machines using nc -w0 -u 192.168.0.1 514 <<< "testing again from my home machine"

all machine and server firewalls disabled while trying to resolve

only abnormal issue is

rsyslogd-2039: Could no open output pipe '/dev/xconsole' [try 
http://www.rsyslog.com/e/2039 ]

which seems to have been an ongoing issue for the last few Ubuntus

newer rsyslog 5.8.1-1ubuntu1 <https://launchpad.net/ubuntu/+source/rsyslog/5.8.1-1ubuntu1> only available in The Oneiric Ocelot <https://launchpad.net/ubuntu/oneiric/+source/rsyslog> (active development)

does this seem to be the issue (and maybe I'll try building a newer rsyslog)

or is the issue somewhere else that I might be missing??


Thanks anyway



On 22/06/11 18:21, Adrian Woodley wrote:
> Most syslog packages, including rsyslog which is the default on 
> Ubuntu, will do logging via TCP/UDP.
>
> On your receiving box, edit /etc/rsyslog.conf and uncomment:
>
> $ModLoad imudp
> $UDPServerRun 514
>
> $ModLoad imtcp
> $InputTCPServerRun 514
>
> On your log generating boxes, create /etc/rsyslog.d/10-remote:
> *.* @@<ip.of.log.server>:514;SyslFormat
>
> From there you could use something like Splunk (http://www.splunk.com/) 
> to interrogate and display your logs. (I believe there's a free 
> version, with a volume limit on the amount of logs to be processed a 
> day). Patrick Coleman knows heaps about Splunk and will probably jump 
> on here shortly to evangelise it.
>
> I've also come across Adiscon Log Analyzer 
> (http://loganalyzer.adiscon.com/), while looking on the rsyslog.com 
> page. I haven't used it, but the demo page looks interesting. It also 
> has a free download.
>
> If you give either of these products a go, let us know how you get on 
> and what you think.
>
> Cheers,
>
> Adrian
>
> On 06/22/2011 05:20 PM, wolfbite wrote:
>> be gentle with me and don't make my head hurt too much :)
>>
>> I have multiple computers connected to my network
>> I've setup an OLD computer and screen to be an information computer 
>> (computer & screen perm on)
>>
>> I currently have it running with
>> ubuntu maverick
>> xorg openbox
>> conky clock
>> conky weather
>> conky googlecalendar (love conky :)
>>
>> looking at displaying syslog & such from multiple computers (local 
>> already ok)
>>
>> what I want is a SIMPLE :) system where I can send syslogs or other 
>> data from any computer to monitor computer.
>> I don't want the info going external (ie out via isp then back, 
>> security & spam reasons)
>> but I would like to keep it simple without maintaining a full blown 
>> mail server etc.
>>
>> seems like there's LOTS of ways but they seem quite convoluted
>> looked at offlineimap, postfix, exim, etc and my brain is glazing over
>>
>> any pointing into the right direction appreciated
>>
>> Thanks
>> _______________________________________________
>> PLUG discussion list: plug at plug.org.au
>> http://lists.plug.org.au/mailman/listinfo/plug
>> Committee e-mail: committee at plug.linux.org.au
>
>
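
Added example, not part of the original thread or written by either poster: a small Python check that compares a sender-side forwarding rule against the listeners a receiver actually has uncommented. In rsyslog's legacy syntax `@` forwards over UDP and `@@` over TCP, so a UDP `nc` test passing says nothing about a `@@` rule. The function names and sample configs are constructed for illustration, and the `.conf` check assumes the stock Ubuntu `rsyslog.conf` line `$IncludeConfig /etc/rsyslog.d/*.conf`.

```python
import re
from pathlib import PurePosixPath

# Legacy forwarding action: "@host" is UDP, "@@host" is TCP; port and template optional.
# The selector must not start with '#', so commented-out rules are ignored.
FORWARD_RE = re.compile(r"^[^#\s]\S*\s+(?P<at>@{1,2})(?P<host>[^:;\s]+)"
                        r"(?::(?P<port>\d+))?(?:;(?P<template>\S+))?$")
# Receiver directives from the thread; a leading '#' means still commented out.
LISTEN_RE = re.compile(r"^[ \t]*\$(UDPServerRun|InputTCPServerRun)[ \t]+(\d+)", re.M)
# Template names rsyslog ships with; any other name needs a $template definition.
BUILTIN_TEMPLATES = {"RSYSLOG_ForwardFormat", "RSYSLOG_TraditionalForwardFormat",
                     "RSYSLOG_SyslogProtocol23Format"}


def receiver_listeners(conf_text):
    """Return the set of (proto, port) listeners enabled in the receiver's rsyslog.conf."""
    return {("udp" if name == "UDPServerRun" else "tcp", int(port))
            for name, port in LISTEN_RE.findall(conf_text)}


def check_sender_file(path, text, listeners, defined_templates=()):
    """Return findings that would stop the forwarding rules in `text` from delivering."""
    findings = []
    # Assumption: stock Ubuntu rsyslog.conf with "$IncludeConfig /etc/rsyslog.d/*.conf".
    if PurePosixPath(path).suffix != ".conf":
        findings.append("file name does not end in .conf, so it is never included")
    for lineno, raw in enumerate(text.splitlines(), 1):
        m = FORWARD_RE.match(raw.strip())
        if not m:
            continue  # comment, blank line, or not a forwarding action
        proto = "tcp" if m["at"] == "@@" else "udp"
        port = int(m["port"] or 514)  # rsyslog forwards to 514 when no port is given
        if (proto, port) not in listeners:
            findings.append(f"line {lineno}: sends {proto}/{port}, receiver is not listening there")
        tpl = m["template"]
        if tpl and tpl not in BUILTIN_TEMPLATES and tpl not in defined_templates:
            findings.append(f"line {lineno}: template '{tpl}' is not defined")
    return findings


# Constructed sample: receiver with only the UDP pair uncommented, sender rule as in the thread.
RECEIVER = "$ModLoad imudp\n$UDPServerRun 514\n#$ModLoad imtcp\n#$InputTCPServerRun 514\n"
SENDER = "# forward everything\n*.* @@192.168.0.1:514;SyslFormat\n"

if __name__ == "__main__":
    for finding in check_sender_file("/etc/rsyslog.d/10-remote", SENDER,
                                     receiver_listeners(RECEIVER)):
        print(finding)
```
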
