From owner-freebsd-security Tue Nov 26 1:30:21 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D94DF37B401 for ; Tue, 26 Nov 2002 01:30:19 -0800 (PST) Received: from sbtx.tmn.ru (sbtx.tmn.ru [212.76.160.49]) by mx1.FreeBSD.org (Postfix) with ESMTP id 943F743EAF for ; Tue, 26 Nov 2002 01:30:18 -0800 (PST) (envelope-from serg@sbtx.tmn.ru) Received: from sv.tech.sibitex.tmn.ru (sv.tech.sibitex.tmn.ru [212.76.160.59]) by sbtx.tmn.ru (8.12.6/8.12.6) with ESMTP id gAQ9UAlU053769; Tue, 26 Nov 2002 14:30:10 +0500 (YEKT) (envelope-from serg@sbtx.tmn.ru) Received: from sv.tech.sibitex.tmn.ru (localhost [127.0.0.1]) by sv.tech.sibitex.tmn.ru (8.12.6/8.12.6) with ESMTP id gAQ9UAiM002245; Tue, 26 Nov 2002 14:30:10 +0500 (YEKT) (envelope-from serg@sv.tech.sibitex.tmn.ru) Received: (from serg@localhost) by sv.tech.sibitex.tmn.ru (8.12.6/8.12.6/Submit) id gAQ9UAOr002244; Tue, 26 Nov 2002 14:30:10 +0500 (YEKT) Date: Tue, 26 Nov 2002 14:30:10 +0500 From: "Sergey N. Voronkov" To: Dmitry Agafonov Cc: freebsd-security@FreeBSD.ORG Subject: Re: two questions on syslog Message-ID: <20021126093010.GA1981@sv.tech.sibitex.tmn.ru> References: <200211260909.gAQ99ek40009@sequel.rsm.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200211260909.gAQ99ek40009@sequel.rsm.ru> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Nov 26, 2002 at 12:09:40PM +0300, Dmitry Agafonov wrote: > Good day! > > Can anybody help me to find a solution for these: > - logging to single host from others on LAN (all I > found are solutions for Linux and does not work on FreeBSD) # man syslogd Exactly, you need somthing like that: 1) On logging server a) Modify /etc/rc.conf: syslogd_flags="-a 192.168.0.0/16:*" b) Restart syslogd 2) On other hosts a) Modify /etc/syslog.conf: *.notice;kern.debug;... @your.logging.server.org b) Send HUP to syslogd > - a tool to analyze system logs mail/messages/auth, etc. > to generate something more human friendly than daily > security and other scripts. > > Link to some tutorial will be enough. # cd /usr/ports; make search name=syslog # make search name=mail | grep log # grep -i log sysutils/*/pkg-descr security/*/pkg-descr ... And choose one you need. ;-)) Best Wishes, Serg N. Voronkov, Sibitex JSC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message