背景:
阅读新闻
RHEL5 下使用syslog-ng构建集中型日志服务器
[日期:2010-03-29] 来源:月牙天冲_博客 作者:naruto6006 [字体:]
该脚本还需要修改下面的三个位置
[root@server2 etc]# grep ‘PATH‘ /etc/init.d/syslog-ng
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/syslog-ng/bin:/usr/local/syslog-ng/sbin
[root@server2 etc]# grep 'INIT' /etc/init.d/syslog-ng |head -2
INIT_PROG="/usr/local/syslog-ng/sbin/syslog-ng" # Full path to daemon
INIT_OPTS="-f /usr/local/syslog-ng/etc/syslog-ng.conf" # options passed to daemon
[root@server2 etc]# service syslog-ng start
Starting syslog-ng: /usr/local/syslog-ng/sbin/syslog-ng: error while loading shared libraries: libevtlog.so.0: cannot open shared object file: No such file or directory
Starting Kernel Logger: 出现此错误是因为共享库链接没做好
[root@server2 etc]# ln -s /usr/local/eventlog/lib/* /lib/
出现下面的问题是因为主配置文件中缺少:@version:3.0这行
Starting syslog-ng: Configuration file has no version number, assuming syslog-ng 2.1 format. Please add @version: maj.min to the beginning of the file;
[root@server2 ~]# service syslog-ng start
Starting Kernel Logger: [ OK ]
[root@server2 etc]# cat /var/log/syslog-ng.log
Jan 28 03:59:07 server2.yang.com syslog-ng[20225]: syslog-ng starting up; version='3.0.5'
客户端配置:
[root@client ~]# tail -1 /etc/syslog.conf
*.* @192.168.90.20
[root@client ~]# logger -i just one test
[root@client ~]# tail -1 /var/log/messages
Jan 27 22:12:02 client root[2861]: just one test
[root@server2 ~]# cat /var/log/syslog-ng/20100128/192.168.90.10/messages
Jan 28 04:24:32 192.168.90.10 root[2861]: just one test
[root@server2 ~]# cat /var/log/syslog-ng/20100128/192.168.90.10/secure
Jan 28 04:01:04 192.168.90.10 sshd[2832]: Accepted publickey for root from 192.168.90.1 port 48834 ssh2
Jan 28 04:01:04 192.168.90.10 sshd[2832]: pam_unix(sshd:session): session opened for user root by (uid=0)
本文评论 查看全部评论 (0)
尊重网上道德,遵守中华人民共和国的各项有关法律法规 承担一切因您的行为而直接或间接导致的民事或刑事法律责任 本站管理人员有权保留或删除其管辖留言中的任意内容 本站有权在网站内转载或引用您的评论 参与本评论即表明您已经阅读并接受上述条款
评论声明
最新资讯