Date: Thu, 06 Jun 2002 17:05:29 -0500 From: Mikel King <mikel@ocsinternet.com> To: Wim Livens <wim@livens.net> Cc: Mikel King <vizkr@netscape.net>, freebsd-isp@FreeBSD.ORG Subject: Re: syslog-ng Message-ID: <3CFFDCA9.2050603@ocsinternet.com> References: <3CFFC148.7080904@netscape.net> <20020606204924.GB58553@krijt.livens.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --]
After beating my head against the proverbial wall I figured this much out:
source net { udp(ip(x.x.x.x) port(514)); };
destination network { file("/var/log/cisco.log"); };
filter f_local { facility(local1); };
log { source(net); filter(f_local); destination(network); };
The important thing I found was that you have to tell the router the
correct 'logging facility' and of course useing the right ip helps...I
will try you no dns option...and your filter looks cleaner than
mine...so I'll give that a try too...
Thanks for the response! Much appreciated.
cheers,
Mikel
Wim Livens wrote:
>Op do 06 jun, 2002 om 03:08:40pm -0500, schreef Mikel King:
>
>>Anyone have cisco routers logging to syslog-ng? trying to find a quick
>>config to capture all info from the router...
>>
>
>This should work:
>
>source net { udp(); };
>options { use_dns(no);};
>filter myrouter { host("1.2.3.4");};
>destination myrouterlogfile { file("/var/log/syslog-from-myrouter"); };
>log { source(net); filter(myrouter); destination(myrouterlogfile); };
>
>(haven't tested it exactly)
>
[-- Attachment #2 --]
<html>
<head>
</head>
<body>
After beating my head against the proverbial wall I figured this much out:<br>
<br>
source net { udp(ip(x.x.x.x) port(514)); };<br>
destination network { file("/var/log/cisco.log"); };<br>
filter f_local { facility(local1); };<br>
log { source(net); filter(f_local); destination(network); };<br>
<br>
The important thing I found was that you have to tell the router the correct
'logging facility' and of course useing the right ip helps...I will try you
no dns option...and your filter looks cleaner than mine...so I'll give that
a try too...<br>
<br>
Thanks for the response! Much appreciated.<br>
<br>
cheers,<br>
Mikel<br>
<br>
Wim Livens wrote:<br>
<blockquote type="cite" cite="mid:20020606204924.GB58553@krijt.livens.net">
<pre wrap="">Op do 06 jun, 2002 om 03:08:40pm -0500, schreef Mikel King:<br></pre>
<blockquote type="cite">
<pre wrap="">Anyone have cisco routers logging to syslog-ng? trying to find a quick <br>config to capture all info from the router...<br></pre>
</blockquote>
<pre wrap=""><!----><br>This should work: <br><br>source net { udp(); };<br>options { use_dns(no);};<br>filter myrouter { host("1.2.3.4");};<br>destination myrouterlogfile { file("/var/log/syslog-from-myrouter"); };<br>log { source(net); filter(myrouter); destination(myrouterlogfile); };<br><br>(haven't tested it exactly)<br><br></pre>
</blockquote>
<br>
</body>
</html>
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CFFDCA9.2050603>