[plug] network log reporting

wolfbite wolfbite.aus at gmail.com
Fri Jun 24 06:37:25 WST 2011


nup! still missing something

everything seems to point that the central server works and can 
receive a command on the port

looks like it's probably the client sending box not sending (but can send 
a non-syslog test to server from box)

did build of rsyslog 5.8.2
still seems the same, so guess it must be issue with client sending

any ideas appreciated

thanks

On 22/06/11 18:21, Adrian Woodley wrote:
> Most syslog packages, including rsyslog which is the default on 
> Ubuntu, will do logging via TCP/UDP.
>
> On your receiving box, edit /etc/rsyslog.conf and uncomment:
>
> $ModLoad imudp
> $UDPServerRun 514
>
> $ModLoad imtcp
> $InputTCPServerRun 514
>
> On your log generating boxes, create /etc/rsyslog.d/10-remote:
> *.* @@<ip.of.log.server>:514;SyslFormat
>
> From there you could use something like Splunk (http://www.splunk.com/) 
> to interrogate and display your logs. (I believe there's a free 
> version, with a volume limit on the amount of logs to be processed a 
> day). Patrick Coleman knows heaps about Splunk and will probably jump 
> on here shortly to evangelise it.
>
> I've also come across Adiscon Log Analyzer 
> (http://loganalyzer.adiscon.com/), while looking on the rsyslog.com 
> page. I haven't used it, but the demo page looks interesting. It also 
> has a free download.
>
> If you give either of these products a go, let us know how you get on 
> and what you think.
>
> Cheers,
>
> Adrian
>
> On 06/22/2011 05:20 PM, wolfbite wrote:
>> be gentle with me and don't make my head hurt too much :)
>>
>> I have multiple computers connected to my network
>> I've set up an OLD computer and screen to be an information computer 
>> (computer & screen perm on)
>>
>> I currently have it running with
>> ubuntu maverick
>> xorg openbox
>> conky clock
>> conky weather
>> conky googlecalendar (love conky :)
>>
>> looking at displaying syslog & such from multiple computers (local 
>> already ok)
>>
>> what I want is a SIMPLE :) system where I can send syslogs or other 
>> data from any computer to monitor computer.
>> I don't want the info going external (ie out via isp then back, 
>> security & spam reasons)
>> but I would like to keep it simple without maintaining a full blown 
>> mail server etc.
>>
>> seems like there's LOTS of ways but seem quite convoluted
>> looked at offlineimap, postfix, exim, etc and my brain is glazing over
>>
>> any pointing into the right direction appreciated
>>
>> Thanks
>> _______________________________________________
>> PLUG discussion list: plug at plug.org.au
>> http://lists.plug.org.au/mailman/listinfo/plug
>> Committee e-mail: committee at plug.linux.org.au
>

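A client-side check for the symptom discussed in this thread (server reachable, client not forwarding), as an added example that is not part of the original messages: it parses legacy-format forwarding actions (`@` for UDP, `@@` for TCP) and reports drop-in files that no `$IncludeConfig` glob in the main config matches, since rsyslog never reads those. The sample main config, its `$IncludeConfig` glob, the 192.0.2.10 address and all function names are assumptions constructed for the example.

```python
import fnmatch
import re

# Constructed sample of a client's main config (an assumption, not from the thread).
MAIN_CONF = "$ModLoad imuxsock\n$IncludeConfig /etc/rsyslog.d/*.conf\n"

# Constructed drop-in files (path -> content); 192.0.2.10 is a documentation address.
DROPINS = {
    "/etc/rsyslog.d/10-remote": "*.* @@192.0.2.10:514\n",
    "/etc/rsyslog.d/50-default.conf": "auth,authpriv.* /var/log/auth.log\n",
}

# Legacy forwarding action: selector, "@" (UDP) or "@@" (TCP), host, optional
# ":port" and optional ";template".
FORWARD_RE = re.compile(
    r"^\s*(?P<selector>\S+)\s+(?P<proto>@@?)(?P<host>\[[^\]]+\]|[^@:;\s]+)"
    r"(?::(?P<port>\d+))?(?:;(?P<template>\S+))?\s*$")


def include_globs(main_conf):
    """Return the glob patterns named by $IncludeConfig directives."""
    return [line.split(None, 1)[1].strip() for line in main_conf.splitlines()
            if line.strip().startswith("$IncludeConfig ")]


def forwarding_rules(text):
    """Parse every uncommented forwarding action in one config file."""
    rules = []
    for line in text.splitlines():
        m = None if line.lstrip().startswith("#") else FORWARD_RE.match(line)
        if m:
            rules.append({"selector": m["selector"],
                          "proto": "tcp" if m["proto"] == "@@" else "udp",
                          "host": m["host"], "port": int(m["port"] or 514),
                          "template": m["template"]})
    return rules


def audit(main_conf, dropins):
    """Split forwarding rules into those rsyslog loads and those it never reads."""
    globs = include_globs(main_conf)
    report = {"active": forwarding_rules(main_conf), "ignored": []}
    for path, text in sorted(dropins.items()):
        rules = forwarding_rules(text)
        if any(fnmatch.fnmatchcase(path, g) for g in globs):
            report["active"] += rules
        elif rules:
            report["ignored"].append((path, rules))
    return report


if __name__ == "__main__":
    print(audit(MAIN_CONF, DROPINS))
```

An entry under `ignored` means the forwarding rule exists on disk but is never loaded, so the client stays silent even though the server's listener works.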