SyslogNG – The Basics

Writing by on Wednesday, 22 of October , 2014 at 6:14 pm

You can find enough documentation online and edoceo is a good resource. But the basics of setting up Syslog-NG are as follows.

Setup and configure the Host Machine where you will receive the syslog messages.

# 1. Install syslog-ng
$ sudo apt-get install syslog-ng

# 2. Backup the config file syslog-ng.conf
$ sudo cp /etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf.orig

# 3. Edit the config file
$ sudo vi /etc/syslog-ng/syslog-ng.conf

# 4. Create a Source, a Destination and bind them together through Log
# Add these in the relevant sections
source s_net { udp(ip(“0.0.0.0”) port(514)); tcp(); };
destination d_somedest { file(“/var/log/somedest.log”); };
log { source ( s_net ); destination ( d_somedest ); };

# 5. Restart syslog-ng
$ sudo service syslog-ng restart

When you configure your Appliance to forward syslog to your Host, you will see the logs in “/var/log/somedest.log”.

Leave a comment

Category: Linux

No Comments

No comments yet.

Leave a comment

You must be logged in to post a comment.

Shivdev Kalambi's Blog

Shivdev Kalambi is a Software Development Manager, previously a Principal Software Engineer at ArcSight/HP. With over 16 years' experience in software development, he's worked on several technologies and played different roles and contributed to all phases of projects. Non-tech activies include Ping-pong, Rock Climbing and Yoga at PG, Golf, Skiing, Swimming & a beer enthusiast.