FireBrick Syslog: Difference between revisions

From AAISP Support Site
(Created page with "=Syslog setup= On a CentOS machine take these steps to get the FB to log to /var/log/local0 ==Server Side== *Enable syslog to receive messages from the network: **in /etc/sysco...")
 
Line 13: Line 13:
restart syslog service
restart syslog service


=FireBrick Side=
==FireBrick Side==


On the FireBrick, add/edit the syslog line as follows:
On the FireBrick, add/edit the syslog line as follows:

Revision as of 12:33, 10 Ocak 2011

Syslog setup

On a CentOS machine take these steps to get the FB to log to /var/log/local0

Server Side

  • Enable syslog to receive messages from the network:
    • in /etc/sysconfig/syslog, add -r to SYSLOGD_OPTIONS
  • Set up a syslog facility:
    • in /etc/syslog.conf add local0.* -/var/log/local0
  • Set up logrotate to process the log file (not essential, but useful):
    • in /etc/logrotate.d/syslog add /var/log/local? to the first line of files

restart syslog service

FireBrick Side

On the FireBrick, add/edit the syslog line as follows:

<syslog server="ip.of.your.server" severity="NOTICE" facility="LOCAL0"/>

You can set the severity to log more (eg set to DEBUG), but then you'll get a log line every second! See the Docs for more info.

If you then tail /var/log/local0 you'll see log messages