Loading ...
Sorry, an error occurred while loading the content.

WIKI how-to addition: syslog-ng

Expand Messages
  • Dale VanZile
    Hi! I d like to submit below what I ve got so far, to be the beginnings of a how to SetUpSyslog-ng page, in the hopes that someone who knows more about this
    Message 1 of 7 , Jun 17, 2005
    • 0 Attachment
      Hi!

      I'd like to submit below what I've got so far, to be the beginnings of a
      how to SetUpSyslog-ng page, in the hopes that someone who knows more
      about this than I do (that would be just about everyone, including four
      out of five of my cats...) can patch extra info onto it and flesh it out.

      Thanks,

      C ya,
      Dutch

      Here's what I've got:
      -------------------------------------

      Hi again, all!

      I was able to get syslog-ng working (as far as I can tell) by simply
      commenting out the two lines that contained references to console and
      console_all, but am concerned that I won't be getting the f_emergency
      messages that I'm supposed to be getting.

      Any clue as to what I should do, since there doesn't seem to be any info
      on this in the Wiki or anything useful pertaining to the uNSLUng NSLU2
      and syslog-ng on google?

      Thanks in advance!

      C ya,
      Dutch
      ---------------

      Dale VanZile wrote:

      > Hi all!
      >
      > I get this error message when trying to run syslog-ng with the default
      > config file that came with it in the ipkg install:
      >
      > 17-Jun-2005_21:51:11
      > root@DVZ_NET_FS
      > /share/hdd/conf/unslung :^> syslog-ng -d -v
      > binding fd 3, inetaddr: 0.0.0.0, port: 514
      > io.c: Preparing fd 3 for reading
      > io.c: Preparing fd 4 for reading
      > binding fd 5, unixaddr: /dev/log
      > io.c: listening on fd 5
      > unresolved reference: console
      > Error initializing configuration, exiting.
      >
      > I then grepped the syslog-ng.conf file to see what the problem reference
      > might be, and got this:
      >
      > 17-Jun-2005_21:51:57
      > root@DVZ_NET_FS
      > /share/hdd/conf/unslung :^> cat /opt/etc/syslog-ng/syslog-ng.conf |grep
      > console
      > log { source(src); filter(f_emergency); destination(console); };
      > log { source(src); destination(console_all); };
      >
      > Anyone out there know what's going on with this thing? I sure don't!
      > :^) I couldn't find anything about it in the Wiki, and a google didn't
      > reveal a good FAQ on it that pertains to the uNSLUng NSLU2. I can post
      > the whole syslog-ng.conf if you think it'll help.
      >
      > I'd really like to get syslog-ng going, so I can see from where
      > someone's been occasionally running a username/password scan on my
      > slug's SSH, block that IP, and send a letter to the appropriate place
      > advising the ISP of this abuse.... Yeah, I know, I should set up the
      > private keys and move to a non-standard port, but I've been a bit busy
      > with work (two jobs) and haven't had time to get it figured out and set
      > up....
      >
      > Thanks in advance!
      >
      > C ya,
      > Dutch
    • Inge Bjørnvall Arnesen
      Hi Dale, Yes, there is not that much info on syslog-ng. I m the maintainer and I run it in production. Where will I find your wiki attempt (searched but no
      Message 2 of 7 , Jun 19, 2005
      • 0 Attachment
        Hi Dale,

        Yes, there is not that much info on syslog-ng. I'm the maintainer and I run
        it in production. Where will I find your wiki attempt (searched but no
        match)?

        Since we (normally) don't have a console on the slug, commenting out the
        filtering of emergencies to console is correct. The point of this line is to
        send all errors of a certain level to go to the console window regardless of
        facility - these messages will (and should) normally also go to log files,
        so you will not be missing out. What you want is for sources and all
        facilities (log "type" if you like) you want to log there should be a filter
        that routes it to at least one destination.

        We can start from there.

        best,

        -- Inge


        ----Original Message----
        From: nslu2-linux@yahoogroups.com
        [mailto:nslu2-linux@yahoogroups.com] On Behalf Of Dale
        VanZile Sent: 18. juni 2005 07:58 To:
        nslu2-linux@yahoogroups.com Subject: [nslu2-linux] WIKI
        how-to addition: syslog-ng

        > Hi!
        >
        > I'd like to submit below what I've got so far, to be the
        > beginnings of a
        > how to SetUpSyslog-ng page, in the hopes that someone who
        > knows more
        > about this than I do (that would be just about everyone,
        > including four
        > out of five of my cats...) can patch extra info onto it
        > and flesh it out.
        >
        > Thanks,
        >
        > C ya,
        > Dutch
        >
        > Here's what I've got:
        > -------------------------------------
        >
        > Hi again, all!
        >
        > I was able to get syslog-ng working (as far as I can
        > tell) by simply commenting out the two lines that
        > contained references to console and console_all, but am
        > concerned that I won't be getting the f_emergency
        > messages that I'm supposed to be getting.
        >
        > Any clue as to what I should do, since there doesn't seem
        > to be any info on this in the Wiki or anything useful
        > pertaining to the uNSLUng NSLU2 and syslog-ng on google?
        >
        > Thanks in advance!
        >
        > C ya,
        > Dutch
        > ---------------
        >
        > Dale VanZile wrote:
        >
        > > Hi all!
        > >
        > > I get this error message when trying to run syslog-ng
        > with the default > config file that came with it in the
        > ipkg install: > > 17-Jun-2005_21:51:11 >
        > root@DVZ_NET_FS > /share/hdd/conf/unslung :^> syslog-ng
        > -d -v > binding fd 3, inetaddr: 0.0.0.0, port: 514 >
        > io.c: Preparing fd 3 for reading > io.c: Preparing fd 4
        > for reading > binding fd 5, unixaddr: /dev/log > io.c:
        > listening on fd 5 > unresolved reference: console >
        > Error initializing configuration, exiting. > > I then
        > grepped the syslog-ng.conf file to see what the problem
        > reference > might be, and got this: > >
        > 17-Jun-2005_21:51:57 > root@DVZ_NET_FS >
        > /share/hdd/conf/unslung :^> cat
        > /opt/etc/syslog-ng/syslog-ng.conf |grep > console > log
        > { source(src); filter(f_emergency); destination(console);
        > }; > log { source(src); destination(console_all); }; >
        > > Anyone out there know what's going on with this thing?
        > I sure don't! > :^) I couldn't find anything about it
        > in the Wiki, and a google didn't > reveal a good FAQ on
        > it that pertains to the uNSLUng NSLU2. I can post > the
        > whole syslog-ng.conf if you think it'll help. > > I'd
        > really like to get syslog-ng going, so I can see from
        > where > someone's been occasionally running a
        > username/password scan on my > slug's SSH, block that
        > IP, and send a letter to the appropriate place >
        > advising the ISP of this abuse.... Yeah, I know, I
        > should set up the > private keys and move to a
        > non-standard port, but I've been a bit busy > with work
        > (two jobs) and haven't had time to get it figured out and
        > set > up.... > > Thanks in advance! > > C ya, >
        > Dutch
        >
        >
        > [ Moderator Note: All new information should be recorded
        > in the Wiki at http://www.nslu2-linux.org ]
        > Yahoo! Groups Links
        >
        >
        >
      • Dale VanZile
        Inge-- The page for adding How-To info to the wiki requires a password, so I sent my second email (originally posted on the general list, and replying to my
        Message 3 of 7 , Jun 19, 2005
        • 0 Attachment
          Inge--
          The page for adding How-To info to the wiki requires a password, so I
          sent my second email (originally posted on the general list, and
          replying to my own question) to this list for addition to the wiki.
          They are at the bottom of my original post, to which you've replied....

          So, basically, what you're saying is that I figured out the syslog-ng
          config myself by commenting out those two console lines? I've chopped
          up my two original emails to make my wiki suggestion, and I've added it
          to the bottom of this email. Cool!

          Thanks!

          C ya,
          Dutch


          Inge Bjørnvall Arnesen wrote:

          >Hi Dale,
          >
          >Yes, there is not that much info on syslog-ng. I'm the maintainer and I run
          >it in production. Where will I find your wiki attempt (searched but no
          >match)?
          >
          >Since we (normally) don't have a console on the slug, commenting out the
          >filtering of emergencies to console is correct. The point of this line is to
          >send all errors of a certain level to go to the console window regardless of
          >facility - these messages will (and should) normally also go to log files,
          >so you will not be missing out. What you want is for sources and all
          >facilities (log "type" if you like) you want to log there should be a filter
          >that routes it to at least one destination.
          >
          >We can start from there.
          >
          >best,
          >
          >-- Inge
          >
          >

          My Wiki addition text below:
          ------------cut here------------
          I got this error message when trying to run syslog-ng with the default
          config file that came with it in the ipkg install:

          17-Jun-2005_21:51:11
          root@DVZ_NET_FS
          /share/hdd/conf/unslung :^> syslog-ng -d -v
          binding fd 3, inetaddr: 0.0.0.0, port: 514
          io.c: Preparing fd 3 for reading
          io.c: Preparing fd 4 for reading
          binding fd 5, unixaddr: /dev/log
          io.c: listening on fd 5
          unresolved reference: console
          Error initializing configuration, exiting.


          I then grepped the syslog-ng.conf file to see what the problem reference
          might be, and got this:

          17-Jun-2005_21:51:57
          root@DVZ_NET_FS
          /share/hdd/conf/unslung :^> cat /opt/etc/syslog-ng/syslog-ng.conf |grep console
          log { source(src); filter(f_emergency); destination(console); };
          log { source(src); destination(console_all); };


          I was able to get syslog-ng working (as far as I can tell) by simply
          commenting out the two lines that contained references to console and
          console_all, but I am concerned that I won't be getting the f_emergency
          messages that I'm supposed to be getting.
        • Rod Whitby
          ... The main HowTo page does require a password, but you can create a new wiki page at any time without a password. Perhaps we need a HowTo/AddStuffToTheWiki
          Message 4 of 7 , Jun 19, 2005
          • 0 Attachment
            On 6/20/05, Dale VanZile <vlad.zeanile@...> wrote:
            > Inge--
            > The page for adding How-To info to the wiki requires a password

            The main HowTo page does require a password, but you can create a new
            wiki page at any time without a password.

            Perhaps we need a HowTo/AddStuffToTheWiki howto ....

            -- Rod
          • Dale VanZile
            ... Rod-- I think you re right! :^) C ya, Dutch
            Message 5 of 7 , Jun 19, 2005
            • 0 Attachment
              Rod Whitby wrote:

              >On 6/20/05, Dale VanZile <vlad.zeanile@...> wrote:
              >
              >
              >>Inge--
              >>The page for adding How-To info to the wiki requires a password
              >>
              >>
              >
              >The main HowTo page does require a password, but you can create a new
              >wiki page at any time without a password.
              >
              >Perhaps we need a HowTo/AddStuffToTheWiki howto ....
              >
              >

              Rod--
              I think you're right! :^)

              C ya,
              Dutch
            • Dale VanZile
              ... Rod (or anyone...)-- How does one do this? I ve searched the site for about 90 minutes, and I can t find a link or instructions on how to add a how-to wiki
              Message 6 of 7 , Jun 21, 2005
              • 0 Attachment
                Rod Whitby wrote:

                >On 6/20/05, Dale VanZile <vlad.zeanile@...> wrote:
                >
                >
                >>Inge--
                >>The page for adding How-To info to the wiki requires a password
                >>
                >>
                >The main HowTo page does require a password, but you can create a new
                >wiki page at any time without a password.
                >
                >

                Rod (or anyone...)--
                How does one do this? I've searched the site for about 90 minutes, and I
                can't find a link or instructions on how to add a how-to wiki page. The
                nearest miss was that bit of text near the top of the how-to page that
                indicates that you ought to use a name that completes the phrase "How
                to..." and speaks in an active voice. I'd really like to add my
                syslog-ng how-to. :^)

                Thanks in advance....

                C ya,
                Dutch
              • Øyvind Repvik
                ... Go to http://www.nslu2-linux.org/wiki/HowTo/HowToYouWantToCreate Øyvind
                Message 7 of 7 , Jun 21, 2005
                • 0 Attachment
                  >
                  >
                  > Rod (or anyone...)--
                  > How does one do this? I've searched the site for about 90 minutes, and I
                  > can't find a link or instructions on how to add a how-to wiki page. The
                  > nearest miss was that bit of text near the top of the how-to page that
                  > indicates that you ought to use a name that completes the phrase "How
                  > to..." and speaks in an active voice. I'd really like to add my
                  > syslog-ng how-to. :^)
                  >
                  > Thanks in advance....
                  >

                  Go to http://www.nslu2-linux.org/wiki/HowTo/HowToYouWantToCreate


                  Øyvind
                Your message has been successfully submitted and would be delivered to recipients shortly.