Solaris10上配置log server

分别在log server和log client上安装syslog-ng.

log server示例配置(syslog-ng.conf)如下:

@version: 3.2
@include "scl.conf"
# Global options for the central log server. The owner/group/perm and dir_*
# values here are the defaults for every file() destination in this file
# unless a destination sets its own.
options { flush_lines (0);
          time_reopen (10);
          log_fifo_size (1000);
          long_hostnames (off);
          use_dns (no);
          use_fqdn (no);
          # Needed so the $YEAR/$MONTH/$HOST directories under /logcen are
          # created on demand. Together with keep_hostname(yes) below, the
          # directory name comes from the received message.
          create_dirs (yes);
          dir_owner(root);
          dir_group(root);
          dir_perm(0755);
          owner(root);
          group(root);
          # NOTE(review): 0644 is also the mode of the authlog files (local and
          # under /logcen), so every local user can read authentication logs.
          # Consider perm(0600) or 0640 with a dedicated group here, or a
          # per-destination perm() on the auth destinations, and a tighter
          # dir_perm().
          perm(0644);
          # NOTE(review): keep_hostname(yes) trusts the host name written inside
          # each received message. On a server with an open udp() source this
          # means the sender chooses the $HOST value used in the /logcen paths.
          # Keep it only if every sender is trusted; otherwise set it to no so
          # the name is derived from the sending address.
          keep_hostname (yes);
        };

# Local messages: system() is the platform source from scl.conf, internal()
# is syslog-ng's own messages.
source s_local {
        system();
        internal();
};

# Network listener for the log clients.
# NOTE(review): udp() with no options presumably binds every interface on the
# default syslog port (514) - confirm against the syslog-ng 3.2 documentation.
# UDP syslog is unauthenticated and unencrypted: anything that can reach the
# port can inject records, and the source address cannot be relied on.
# Bind with ip() to the management interface, restrict the port with a host
# firewall to the known clients, and prefer tcp() with tls() where the
# clients support it.
source s_network {
        udp();
};

# Local destinations: the traditional Solaris log files, the console, and
# the terminals of logged-in users.
destination l_cons { file("/dev/console"); };
destination l_mesg { file("/var/adm/messages"); };
destination l_mesg_all { file("/var/log/messages"); };
destination l_mail { file("/var/log/syslog"); };
# NOTE(review): inherits the global perm(0644); authentication logs are
# normally kept root-only, e.g. by adding perm(0600) to this destination.
destination l_auth { file("/var/log/authlog"); };
destination l_mlop { usertty("operator"); };
destination l_mlrt { usertty("root"); };
destination l_mlal { usertty("*"); };

# Central store: one directory per year, month and originating host.
# NOTE(review): with keep_hostname(yes), $HOST is the host name carried in the
# message, so a sender picks the directory it writes to. With create_dirs(yes)
# each new name also creates a directory, which allows records to be filed
# under another host's name and lets a noisy or hostile sender consume inodes
# and disk. Put /logcen on its own filesystem, and consider deriving the path
# from the sending address instead of the message content.
destination r_mesg { file("/logcen/$YEAR/$MONTH/$HOST/messages"); };
destination r_mail { file("/logcen/$YEAR/$MONTH/$HOST/syslog"); };
# NOTE(review): central authentication log, also created world-readable
# through the global perm(0644) and dir_perm(0755).
destination r_auth { file("/logcen/$YEAR/$MONTH/$HOST/authlog"); };

# Facility/level selectors used by the log paths in this file.
# NOTE(review): these look like a line-by-line translation of a Solaris
# syslog.conf, where "auth.notice" means notice and every more severe level.
# In syslog-ng, level() with a single name matches that level only; a range
# is written as level(notice..emerg). As written, f_filter6 selects auth
# messages at exactly notice, so auth warning/crit/alert records would not
# reach the authlog destinations. Confirm the intent and switch to ranges if
# "this level and above" was meant.
filter f_filter1   { level(err) or
                     (level(notice) and facility (auth, kern)); };
filter f_filter2   { level(err) or
                     (facility(kern) and level(debug)) or
                     (facility(daemon) and level(notice)) or
                     (facility(mail) and level(crit)); };
filter f_filter3   { level(alert) or
                     (facility(kern) and level(err)) or
                     (facility(daemon) and level(err)); };
filter f_filter4   { level(alert); };
filter f_filter5   { level(emerg); };
# Authentication messages (see the note above about the single level).
filter f_filter6   { facility(auth) and level(notice); };
filter f_filter7   { facility(mail) and level(debug); };
filter f_filter8   { facility(user) and level(err); };
filter f_filter9   { facility(user) and level(alert); };
filter f_filter10  { facility(user) and level(emerg); };

# Local routing on the server itself. The first path has no filter, so every
# local message is written to /var/log/messages.
log { source(s_local); destination(l_mesg_all); };
log { source(s_local); filter(f_filter1); destination(l_cons); };
log { source(s_local); filter(f_filter2); destination(l_mesg); };
log { source(s_local); filter(f_filter3); destination(l_mlop); };
log { source(s_local); filter(f_filter4); destination(l_mlrt); };
log { source(s_local); filter(f_filter5); destination(l_mlal); };
log { source(s_local); filter(f_filter6); destination(l_auth); };
log { source(s_local); filter(f_filter7); destination(l_mail); };
log { source(s_local); filter(f_filter8); destination(l_cons);
                                        destination(l_mesg); };
log { source(s_local); filter(f_filter9); destination(l_mlop);
                                        destination(l_mlrt); };
log { source(s_local); filter(f_filter10); destination(l_mlal); };

# Central store: the server's own messages and everything received on
# s_network are filed under /logcen by the same filters.
# NOTE(review): network input reaches only the /logcen files, never the
# console or user terminals, which keeps remote senders away from local
# operators' screens. Only f_filter2/6/7/8 are stored, so alert and emerg
# records that do not match one of them are not kept centrally.
log { source(s_local); source(s_network); filter(f_filter2); destination(r_mesg); };
log { source(s_local); source(s_network); filter(f_filter6); destination(r_auth); };
log { source(s_local); source(s_network); filter(f_filter7); destination(r_mail); };
log { source(s_local); source(s_network); filter(f_filter8); destination(r_mesg); };

 

log client示例配置(syslog-ng.conf)如下:

@version: 3.2
@include "scl.conf"
# Global options for a log client; identical to the server's options block.
options { flush_lines (0);
          time_reopen (10);
          log_fifo_size (1000);
          long_hostnames (off);
          use_dns (no);
          use_fqdn (no);
          create_dirs (yes);
          dir_owner(root);
          dir_group(root);
          dir_perm(0755);
          owner(root);
          group(root);
          # NOTE(review): 0644 also applies to /var/log/authlog on the client,
          # making authentication logs readable by every local user. Consider
          # perm(0600) here or on the auth destination.
          perm(0644);
          # Affects only messages that arrive with a host name already set;
          # this client has no log path that reads from the network.
          keep_hostname (yes);
        };

# Local messages: system() is the platform source from scl.conf, internal()
# is syslog-ng's own messages.
source s_local {
        system();
        internal();
};

# NOTE(review): no log path in this client configuration references
# s_network; it appears to be copied from the server configuration. A client
# that only forwards has no need for a syslog listener, so remove this block
# rather than leave a definition that would open an unauthenticated UDP port
# if a later edit starts using it.
source s_network {
        udp();
};

# Local destinations, the same set as on the server.
destination l_cons { file("/dev/console"); };
destination l_mesg { file("/var/adm/messages"); };
destination l_mesg_all { file("/var/log/messages"); };
destination l_mail { file("/var/log/syslog"); };
# NOTE(review): inherits the global perm(0644); consider perm(0600) here.
destination l_auth { file("/var/log/authlog"); };
destination l_mlop { usertty("operator"); };
destination l_mlrt { usertty("root"); };
destination l_mlal { usertty("*"); };

# Forwarding to the central log server (example address, UDP port 514).
# NOTE(review): UDP forwarding is cleartext and gives no delivery guarantee,
# so authentication records cross the network readable by anyone on the path
# and can be lost without any error on the client. Where the server offers
# it, prefer tcp() with tls() and certificate verification; at minimum keep
# this traffic on a dedicated management network.
destination d_udp { udp("10.0.2.71" port(514)); };

# Facility/level selectors; identical to the server's filter set.
# NOTE(review): in syslog-ng, level() with a single name matches that level
# only, unlike a syslog.conf selector, which also covers every more severe
# level. If "this level and above" is intended, use a range such as
# level(notice..emerg); otherwise auth records above notice are not selected
# by f_filter6 and are not forwarded as authentication logs.
filter f_filter1   { level(err) or
                     (level(notice) and facility (auth, kern)); };
filter f_filter2   { level(err) or
                     (facility(kern) and level(debug)) or
                     (facility(daemon) and level(notice)) or
                     (facility(mail) and level(crit)); };
filter f_filter3   { level(alert) or
                     (facility(kern) and level(err)) or
                     (facility(daemon) and level(err)); };
filter f_filter4   { level(alert); };
filter f_filter5   { level(emerg); };
filter f_filter6   { facility(auth) and level(notice); };
filter f_filter7   { facility(mail) and level(debug); };
filter f_filter8   { facility(user) and level(err); };
filter f_filter9   { facility(user) and level(alert); };
filter f_filter10  { facility(user) and level(emerg); };

# Local routing on the client; the same paths as on the server.
log { source(s_local); destination(l_mesg_all); };
log { source(s_local); filter(f_filter1); destination(l_cons); };
log { source(s_local); filter(f_filter2); destination(l_mesg); };
log { source(s_local); filter(f_filter3); destination(l_mlop); };
log { source(s_local); filter(f_filter4); destination(l_mlrt); };
log { source(s_local); filter(f_filter5); destination(l_mlal); };
log { source(s_local); filter(f_filter6); destination(l_auth); };
log { source(s_local); filter(f_filter7); destination(l_mail); };
log { source(s_local); filter(f_filter8); destination(l_cons);
                                        destination(l_mesg); };
log { source(s_local); filter(f_filter9); destination(l_mlop);
                                        destination(l_mlrt); };
log { source(s_local); filter(f_filter10); destination(l_mlal); };

# Forwarding: the four selections the server files under /logcen.
# NOTE(review): a message matching more than one of these filters is sent
# once per matching path. Records matching none of them (for example alert
# or emerg outside these selectors) stay only on the client, where a local
# administrator or an intruder with root can alter them; forward everything
# needed for investigation.
log { source(s_local); filter(f_filter2); destination(d_udp); };
log { source(s_local); filter(f_filter6); destination(d_udp); };

log { source(s_local); filter(f_filter7); destination(d_udp); };
log { source(s_local); filter(f_filter8); destination(d_udp); };

转载于:https://www.cnblogs.com/cqubityj/archive/2012/02/20/2359558.html
