if you want to allow 'sysklog' can receive log from the client server you on set '/etc/init.d/syslog' by change parameter option
++ OLD ++
SYSLOGD_OPTIONS="-m 0"
++ NEW ++
SYSLOGD_OPTIONS="-r -x -m 0"
-r This option will enable the facility to receive message from the network using an internet domain socket with the syslog service (see ser-vices(5)). The default is to not receive any messages from the network.
-x Disable name lookups when receiving remote messages. This avoids deadlocks when the nameserver is running on the same machine that runs the syslog daemon.
++ Configure of Client Server ++
Add below lines to '/etc/syslog.conf'
*.* @syslogserver
++ Configure of Cisco Devices ++
config term
logging
logging trap notifications
service timestamps log datetime
logging on
Lastly, don't forget to allow iptables by add this below line to '/etc/sysconfig/iptables'
-A RH-Firewall-1-INPUT -p udp -m udp --dport 514 -j ACCEPT
reference: http://www.aboutdebian.com/syslog.htm
== TaTsHuYa ==
No comments:
Post a Comment