Educational ICT Virtualisation Specialist

Twitter LinkedIn E-mail
Precedence Technologies Ltd
Technology House, 36a Union Lane
Cambridge, CB4 1QB, United Kingdom
T: +44 (0)8456 446 800 / +44 (0)1223 359900
E: enquiries@precedence.co.uk
Syslog

Jump To: Support > KB > NetManager > Syslog

Using syslog to collect and forward logs

Syslog is a standard mechanism for collecting logs centrally from various services. Services may be running on different servers, not just locally on NetManager, and once collected the logs can be:

  • Saved to log files (e.g. /var/log/messages)
  • Forwarded onto another syslog server
  • Displayed on the console or to any users logged in at a command line

Each log message has a facility associated with it. A facility code is used to specify the type of program that is logging the message. Messages with different facilities may be handled differently. Similarly each message has a severity (e.g. whether it is an error, a warning or just informational). Messages can be diverted to various places based on their facility and severity. A number of standard local log files are configured. For example, email logs go to /var/log/maillog.

You can add your own definitions by adding them to /etc/netmanager/syslog.additional. For full details, please read the syslog.conf manual page. There are also a number of configuration shortcuts:

  • syslog_auth_remote - IP address or hostname to send authentication logs to (e.g. failed ssh logins). These are already logged to /var/log/authlog
  • syslog_firewall_remote - IP address or hostname to send firewall logs to (e.g. blocked packets)
  • syslog_firewall_local - set to y to save firewall logs to /var/log/firewall.log
© Copyright Precedence Technologies 1999-2024
Page last modified on July 30, 2021, at 01:07 PM by sborrill