3,249
edits
Changes
From SME Server
Jump to navigationJump to search→SME 9.0 Server redirect to another syslog file
==SME 8.0 Server as SYSLOG server==
==Syslog==
===SME 8.0 Server as SYSLOG server===
If you have network devices or appliances that can log to '''SYSLOG''', the following mini '''Howto''' shows how you can enable your SME Server to capture the '''SYSLOG''' messages and record them in your messages log.
If you have network devices or appliances that can log to '''SYSLOG''', the following mini '''Howto''' shows how you can enable your SME Server to capture the '''SYSLOG''' messages and record them in your messages log.
to view new entries being added to your messages log and see if the '''SYSLOG''' entries of your network device or appliance are showing up.
to view new entries being added to your messages log and see if the '''SYSLOG''' entries of your network device or appliance are showing up.
==== Adding a SYSLOG facility and receive WINDOWS event logs ====
----
==SME 9.0 Server as SYSLOG server==
create the desired log file:
touch /var/log/windows
in /etc/e-smith/templates-custom/etc/syslog.conf/00filenames
add a row
$windows = "/var/log/windows";
pay attention to leave the
"";
on the last line!
in /etc/e-smith/templates-custom/etc/syslog.conf/local4 (o one of the other local if they are in use already)
change
local4.* -{ "${messages}" }
in
local4.* -{ "${windows}" }
expand templates
expand-template /etc/sysconfig/syslog;
expand-template /etc/syslog.conf
restart syslog
service syslog restart
to redirect (in copy) the windows logs, I used http://code.google.com/p/eventlog-to-syslog/
copy evtsys.dll and evtsys.exe to c:\windows\system32 and execute
evtsys.exe -i -h YOURSMESERVERIP -f local4
and then
net start evtsys
===SME 9.0 Server as SYSLOG server===
If you have network devices or appliances that can log to '''SYSLOG''', the following mini '''Howto''' shows how you can enable your SME Server to capture the '''SYSLOG''' messages and record them in your messages log.
If you have network devices or appliances that can log to '''SYSLOG''', the following mini '''Howto''' shows how you can enable your SME Server to capture the '''SYSLOG''' messages and record them in your messages log.
to view new entries being added to your messages log and see if the '''SYSLOG''' entries of your network device or appliance are showing up.
to view new entries being added to your messages log and see if the '''SYSLOG''' entries of your network device or appliance are showing up.
===SME 9.0 Server redirect to another syslog file===
----
mkdir -p /etc/e-smith/templates-custom/etc/sysconfig/rsyslog
vim /etc/e-smith/templates-custom/etc/sysconfig/rsyslog/10perso
== Adding a SYSLOG facility and receive WINDOWS event logs ==
add this
if $programname == 'grandstream' then /var/log/grandstream/grandstream.log
& stop
then
mkdir /var/log/grandstream
touch /var/log/grandstream/grandstream.log
expand-template /etc/sysconfig/rsyslog
service rsyslog restart
also rotate it
vim /etc/logrotate.d/grandstream
/var/log/grandstream/*.log {
weekly
rotate 5
compress
notifempty
missingok
nocreate
sharedscripts
endscript
}
----
----
----
[[Category:Howto]]
[[Category:Howto]]
[[Category:Administration:Monitoring]]
[[Category:Administration:Monitoring]]
