Syslog-ng Configuration for iptables Source

# include internal syslog-ng messages
# note: the internal() source is required!

# the following line will be replaced by the
# socket list generated by SuSEconfig using
# variables from /etc/sysconfig/syslog:

# uncomment to process log messages from network:

Listing 7-4 shows the source definition for the entire syslog-ng process. This example shows two logging sources, /dev/log (for the standard kernel logging device) and /var/lib/ntp/dev/log. A separate entry is necessary because the NTP service runs in a chroot jail, and its log source has to reside under this jail so that the ntp executable can access it.

This example also shows a UDP entry that SUSE has commented out. This is a logging source entry for a network port, and it is how you can set up a central logging server for your organization. UDP port 514 is the standard port for syslog messages. By uncommenting this entry and setting a source to be UDP on port 514, you enable your machine to accept messages for logging from remote hosts.

For more information on TCP/IP and specifying addresses and ports in Linux, see Chapters 6 and 15.
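
The source definition described above, extended into a small central log server setup. This is an added example, not the original Listing 7-4 or SUSE's shipped file. The names src, s_net and d_remote, the listen address 192.0.2.10, the wildcard address in the commented-out line and the log file path are assumptions.

```conf
# Added example: syslog-ng on a central log server.
# Source/destination names, the address and the path are assumptions.

source src {
    # internal syslog-ng messages; this source is required
    internal();

    # standard local log socket
    unix-dgram("/dev/log");

    # socket inside the NTP chroot jail, so the jailed ntp
    # executable can reach a log device
    unix-dgram("/var/lib/ntp/dev/log");

    # Network entry left commented out: with this line disabled,
    # no remote messages are accepted (wildcard address assumed).
    #udp(ip("0.0.0.0") port(514));
};

# Network source kept separate from the local one, and bound to
# one interface address instead of every address on the host.
source s_net {
    udp(ip("192.0.2.10") port(514));
};

# Remote messages go to their own file, readable by root only,
# so they cannot be mistaken for locally generated entries.
destination d_remote {
    file("/var/log/remote.log"
         owner("root") group("root") perm(0600));
};

log { source(s_net); destination(d_remote); };
```

Syslog over UDP carries no authentication and the sender address can be forged, so limit port 514 to known hosts with a packet filter in addition to binding a specific address.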
