Manualshelf

Service manual

ManualsBrandsAvocent ManualsComputer equipmentCyclades ACS
81828384858687888990
Chapter 5: Administration 79
log { source(sysl); source(s_udp); filter(f_messages);
destination(d_messages); };
To send an email if message received from local syslog client has the string kernel panic.
log { source(sysl); filter(f_kpanic); destination(d_mail1); };
To send an email and pager if message received from local syslog client has the string
“root” login.
log { source(sysl); filter(f_root); destination(d_mail1);
destination(d_pager); };
To send messages with facility kernel and received messages from syslog clients (local
and remote) to remote syslogd.
log { source(sysl); source(s_udp); filter(f_kern); destination(d-
udp1); };
To use syslog-ng configuration with syslog buffering feature:
This configuration example uses the syslog buffering feature and sends messages to the remote
syslogd (10.0.0.1).
1. In /etc/portslave/pslave.conf file configure the syslog buffering parameters.
2. Add the following lines to /etc/syslog-ng/syslog-ng.conf file.
To configure Syslog-ng with multiple remote syslog servers:
1. Configure syslog facility number to receive messages. The remote syslog server filters receive
messages according to this parameter.
cli> config network syslog facility <local0-local7>
2. Configure the servers IP address where syslog messages are sent. Repeat this step to add
additional remote servers.
cli> config network syslog add server <ip address>
3. Activate and save your configuration.
conf.DB_facility 1
all.syslog_buffering 100
#local syslog clients
source src { unix-stream("/dev/log"); };
destination d_buffering { udp("10.0.0.1"); };
filter f_buffering { facility(local1) and level(notice); };
#send only syslog_buffering messages to remote server
log { source(src); filter(f_buffering);
destination(d_buffering); };