Security Basics mailing list archives

Re: syslog server- how to on Linux


From: Julian Plamann <julian () abbey ox cx>
Date: 13 Dec 2002 17:28:32 -0800

On Fri, 2002-12-13 at 12:34, netsec novice wrote: 
> Typing syslogd at the command line tells me that syslogd is
> already running but I don't see it listening as a service when I type
> netstat -an.

syslogd normally binds to udp port 514. However, if it's started with
flags -ss it will bind to no ports whatsoever. It's likely that SuSE
starts syslogd with -ss flags so that would explain you not seeing it in
netstat -an. For the server, you'll need to search SuSE's rc startup
scripts (probably /etc/rc.* or something similar...) and remove the -ss
flags from syslogd. Make sure you're aware of the security risks in
doing so (if not firewalled, it will result in anyone over the 'net
being able to log to your syslogd server). 

Basically, in a fairly regular/simple syslog environment you just need
to start up syslogd on the server listening on port 514. Then from each
client logging to the syslog server, you edit /etc/syslog.conf and add a
line like: 
*.* @ip.of.syslog.server 

Hope that helps... you should be able to find some more detailed stuff
on google 

       -Julian 

-- 
Julian Plamann <julian () abbey ox cx> \  http://www.ox.cx/
PGP key ID: 0xCC019D52       /  http://ox.cx/~julian

Attachment: signature.asc
Description: This is a digitally signed message part
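
The checks described in the message above, as an added example that is not part of the original post: list where a client's syslog.conf forwards to, and see whether anything is bound to UDP 514 in netstat -an output and on which interfaces. The function names, old.loghost.example and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and all sample data are constructed.

# Print "selector -> host" for each remote-forwarding rule ("@host" action)
# in a syslog.conf read from stdin. Commented-out rules are ignored.
forward_targets() {
    awk '
        /^[ \t]*#/ || NF < 2 { next }
        $NF ~ /^@./ { sub(/^@/, "", $NF); print $1 " -> " $NF }
    '
}

# Read `netstat -an` output from stdin and print the local address of every
# UDP socket bound to port 514. Exit status is 1 when there is none, which is
# what a syslogd that is not accepting remote messages looks like.
udp514_listeners() {
    awk '
        $1 ~ /^udp/ && $4 ~ /[:.]514$/ { print $4; found = 1 }
        END { exit !found }
    '
}

# Classify a bind address. A wildcard bind accepts datagrams on every
# interface, so it needs a firewall rule limiting which hosts may send.
exposure() {
    case "$1" in
        0.0.0.0:*|:::*|\*[.:]*) echo "all-interfaces" ;;
        127.*|::1:*)            echo "loopback-only" ;;
        *)                      echo "single-address" ;;
    esac
}

# Constructed sample inputs (not taken from a real host).
SAMPLE_CONF='# constructed client /etc/syslog.conf
mail.*    -/var/log/mail
#*.*      @old.loghost.example
*.*       @ip.of.syslog.server'

SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN
udp        0      0 0.0.0.0:514      0.0.0.0:*'

printf '%s\n' "$SAMPLE_CONF" | forward_targets
printf '%s\n' "$SAMPLE_NETSTAT" | udp514_listeners | while read -r addr; do
    echo "$addr $(exposure "$addr")"
done
```

On a live host, pipe the real file and the real netstat -an output into the same functions in place of the sample variables.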

