[plug] network log reporting
wolfbite.aus at gmail.com
Wed Jun 22 23:42:04 WST 2011
Thanks that seems to be a push in the right direction
confirmed syslog server working
can recieve test from other machines using nc -w0 -u 192.168.0.1 514 <<<
"testing again from my home machine"
all machine and server firewalls disabled while trying to resolve
only abnormal issue is
rsyslogd-2039: Could no open output pipe '/dev/xconsole' [try
which seems to been an ongoing issue for the last few ubuntu's
newer rsyslog 5.8.1-1ubuntu1
available The Oneiric Ocelot
<https://launchpad.net/ubuntu/oneiric/+source/rsyslog> (active development)
does this seem to be the issue (and maybe i'll try building newer rsyslog
or issue somewhere else that I might be missing??
On 22/06/11 18:21, Adrian Woodley wrote:
> Most syslog packages, including rsyslog which is the default on
> Ubuntu, will do logging via TCP/UDP.
> On your receiving box, edit /etc/rsyslog.conf and uncomment:
> $ModLoad imudp
> $UDPServerRun 514
> $ModLoad imtcp
> $InputTCPServerRun 514
> On your log generating boxes, create /etc/rsyslog.d/10-remote:
> *.* @@<ip.of.log.server>:514;SyslFormat
> From there you could use something like Splunk (htp://www.splunk.com/)
> to interrogate and display your logs. (I believe there's a free
> version, with a volume limit on the amount of logs to be processed a
> day). Patrick Coleman knows heaps about Splunk and will probably jump
> on here shortly to evangelise it.
> I've also come across Adiscon Log Analyzer
> (http://loganalyzer.adiscon.com/), while looking on the rsyslog.com
> page. I haven't used it, but the demo page looks interesting. It also
> has a free download.
> If you give either of these products a go, let us know how you get on
> and what you think.
> On 06/22/2011 05:20 PM, wolfbite wrote:
>> be gentle with me and dont make my head hurt too much :)
>> I have multiple computers connected to my network
>> I've setup a OLD computer and screen to be an information computer
>> (computer & screen perm on)
>> I currently have it running with
>> ubuntu maverick
>> xorg openbox
>> conky clock
>> conky wearther
>> conky googlecalendar (love conky :)
>> looking at displaying syslog & such from multiple computers (local
>> already ok)
>> what I want is a SIMPLE :) system where I can send syslogs or other
>> data from any computer to monitor computer.
>> I dont want the info going external (ie out via isp then back,
>> security &spam reasons)
>> but I would like to keep it simple without maintaining a full blown
>> mail server etc.
>> seems like theres LOTS of ways but seem quit convoluted
>> looked at offlineimap, postfix, exim, etc and my brain is glazing over
>> any pointing into the right direction appreciated
>> PLUG discussion list: plug at plug.org.au
>> Committee e-mail: committee at plug.linux.org.au
> PLUG discussion list: plug at plug.org.au
> Committee e-mail: committee at plug.linux.org.au
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the plug