Home - Projects - Publications - Partners - Contact Us

S02syslog

Synopsys

#
# Set up syslog
# Configure one machine (the loghost) to be a central location for logs
# Configure all other machines to log both locally and to the loghost
#

Script

SRV=`host -t SRV _tsltd._loghost._tcp.$DOMAINNAME`

if [ "$OS" == "fc4" ]; then
    LOGHOST=`echo SRV | cut -d" " -f8 | cut -d"." -f1`
else
    LOGHOST=`echo SRV | cut -d" " -f6 | cut -d"." -f1`
fi

if
echo "%Post: change syslog startup parameters"
# Only enable remote logging for the loghost (avoids logging loops)
mv /etc/sysconfig/syslog /etc/sysconfig/syslog-$VERSION

if [ "$NODENAME" == "$LOGHOST" ]; then
    echo "%Post: Configuring loghost to receive remote logs"
    sed -e 's/\(-m 0\)/\1 -r/' \
	/etc/sysconfig/syslog-$VERSION /etc/sysconfig/syslog
fi

echo "%Post: Configuring /etc/syslog.conf"
cp /etc/syslog.conf /etc/syslog.conf-$VERSION

if [ "$NODENAME" == "$LOGHOST" ]; then
    sed -e 's/^\(*.info;\)/\1local0.none;local1.none;/' \
        /etc/syslog.conf-$VERSION >/etc/syslog.conf
else
    # Only enable logging to a remote host on machines that AREN'T the loghost
    # Again, to try and avoid logging loops
    sed -e 's/^\(*.info;\)/\1local0.none;local1.none;/' \
        -e 's/^\(*.info.*\)/\1\n# Also log to loghost\n\1xx/' \
        -e 's#/var/log/messagesxx$#@loghost#' \
        /etc/syslog.conf-$VERSION >/etc/syslog.conf
fi

echo "%Post: new facilities added to /etc/syslog.conf"
cat >> /etc/syslog.conf <<EOF
#
# Additions to the default syslog file
# local7 is already taken for Boot logs
local0.*                                                /var/log/device.log
local1.*						/var/log/dhcpd.log
local2.*                                                /var/log/pgsql
local4.*                                                /var/log/slapd.log
EOF

touch /var/log/device.log
touch /var/log/dhcpd.log
touch /var/log/slapd.log
touch /var/log/pgsql

Examples and Testing

# to avoid logging dhcpd entries in /var/log/messages we need to
# change the entry in /etc/syslog.conf
#  *.info;mail.none ... etc to
#  *.info;local1.none;local0.none;mail.none....
#
# The configuration requires that we have a machine with the name loghost
# This would normally be a CNAME
#
# If you want to configure a Cisco 29xx switch to log to this syslog 
# ensure the configuration has the following settings
#
#no logging console
#no logging monitor
#service timestamps debug datetime localtime
#service timestamps log datetime localtime
#logging trap notifications
#logging facility local0
#logging <loghost>

Marked up in XHTML - ©2005 Thoughtful Solutions Ltd.