[ale] F10, rsyslog, and incoming remote logs
Mills John M-NPHW64
Jmills at motorola.com
Mon Jul 13 18:23:41 EDT 2009
ALErs -
I've wasted quite a bit of bad language trying to set up '/etc/rsyslog.conf' to receive log messages from other hosts. Please excuse the incoherence here resulting from emotional stress. &8-P)
I uncommented in '/etc/rsyslog.conf' the lines:
# Provides UDP syslog reception
$ModLoad imudp.so
$UDPServerRun 514
and restarted the service. No obvious complaints in '/var/log/messages'.
I did find a copy of 'imudp.so' as '/usr/lib/rsyslog/imudp.so' but when I try to see if it can be loaded I get:
insmod: error inserting '/usr/lib/rsyslog/imudp.so': -1 Invalid module format
I don't see how to form a rule to send incoming UDP log traffic on port 514 to anywhere. How can I send such traffic to a single file, say: '/var/log/ext_messages.log'? The only examples I find in the docs concern outgoing traffic to a specific remote server: the reverse of my problem.
Should I need a rule to see such traffic on '/var/log/messages'? I see no traffic at present.
I could try running 'rsyslogd' in "compatibility" mode ('-v2'), but I would rather learn how to set up the configuration for the current version.
(BTW, is 'rsyslogd' really an improvement, or is the problem in the documentation?)
TIA.
- Mills
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20090713/1b8f6975/attachment.html
More information about the Ale
mailing list