Search This Blog

Sunday, 22 November 2009

Configuring solaris system as syslog server

By this proceedure, you can monitor all system logs froma a single host.

For configuring syslog server in Unix, nothing to do in sever side. Do the following changes in client side

1. Make a backup of /etc/syslog.conf file

2. Add the hostname of server in /etc/host (server should be pingable using hostname either DNS)

3. Add this line /etc/syslog.conf of client


*.err;kern.debug;daemon.notice;mail.crit @remoteunixhostname

Note down, don’t use any space in /etc/syslog.conf file, use only tabs instead.

5. Restart sylog service in client

svcadm restart svc:/system/system-log:default -> this is for solari 10

/etc/init.d/syslog stop; /etc/init.d/syslog start -> this is for other solaris OS

6. Make sure UDP port 514 is opened from client to server (client -514 ->server)

Once its ok, you will be all to see all logs generated in clients will be logged either in /var/adm/messages of server and /var/adm/messages of client. If you have multiple client add the same entry in all client. Messages can be identified from server side, by host name of the client in each line of messages.

1 comment: