How to setup forwarding syslog messages to another syslog server
In this article I will show the changes you can make to your syslog-ng.conf file in order to forward syslog messages to one or more remote syslog servers.
Start by adding the desired amount of destinations, in this example we add two syslog machines and setup forwarding for system and internal (s_sys) messages and also log all messages we receive through syslog towards this netyce machine to syslog-ng.log (net) and forward these messages.
type "sudo vi /etc/syslog-ng/syslog-ng.conf" and add the following configuration:
destination collector1 {
network(
"<remote-syslog-ip-goes-here>"
port(514)
transport("udp")
ip-protocol(4)
);
};
destination collector2 {
network(
"<remote-syslog-ip-goes-here>"
port(514)
transport("udp")
ip-protocol(4)
);
};
log {
source(s_sys);
destination(collector1);
destination(collector2);
};
destination d_logs {
file(
"/var/opt/yce/logs/syslog-ng.log"
owner("yce")
group("nms")
perm(0644)
);
};
log { source(net); destination(d_logs); destination(collector1); destination(collector2);};
If you are running a patch level higher than 23011601 your system will also be logging the following files in /var/opt/yce/logs/ :
yce_action.log
yce_config.log
yce_task.log
In case you would like to forward the contents of these log files as well add the following:
source yce_logs {
file("/var/opt/yce/logs/yce_action.log");
file("/var/opt/yce/logs/yce_config.log");
file("/var/opt/yce/logs/yce_task.log");
};
log {
source(yce_logs);
destination(collector1);
destination(collector2);
};
after writing .conf file restart the syslog-ng daemon with "sudo systemctl restart syslog-ng", in case there's a syntax error "journalctl -xe" won't be of much help so rather locate the problem by running "syslog-ng -Fdev"
Related Articles
Setting up High Availability
In this article we would be setting up two instances of NetYCE that would act as Master-master relationship. Pre conditions It is assumed we already have cloned the primary server or set up a new one. If you have installed a new system (VM), make ...
Setting up LDAP authentication
In this article we will be seeing how to setup LDAP authetnication in NetYCE. We will be using below sample LDAP server details for the setup. LDAP Test server details LDAP Server Information: Server: ldap.test.com Port: 389 Bind DN: ...
Enabling Job Approvals
Knowing different User Roles Below is the table that defines users levels and their group names. User-level name remark 0 disabled cannot login 1 browser cannot submit jobs 2 operator 3 engineer 4 modeler aka designer 5 manager 6 system same as ...
Hardware sizing requirements
NetYCE is very light software and needs very moderate hardware requirements. Sizing mainly depends on either the number of nodes or number of jobs executed per day. Sizing for complete setup: This is for High availability setup, 2 (DB) servers. Nodes ...
Enable debug and creating support file
Debug mode is enabled when we need more logs to analyze any issue. In this article we shall enable debug for a Job. Debugging via GUI Enabling Debug (1) Admin -> System -> Debug Logs -> (2) Start debug -> (3) OK Create a Job Create ...