Intermediate GNU/Linux commands
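# syslog-ng.conf on the log server: accept messages from remote clients over TCP
source s_remote {
    tcp();
};
# one file per sending host and facility under /var/log/servers
destination d_clients {
    file("/var/log/servers/$HOST/$FACILITY" owner("root") group("root") perm(0660) dir_perm(0770) create_dirs(yes));
};
log {
    source(s_remote);
    destination(d_clients);
};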
# sysklogd: -r accepts messages from the network, -m0 turns off the periodic mark lines
SYSLOGD_PARAMS="-r -m0"
/var/log/servers/logfile {
    compress
    dateext
    maxage 365
    rotate 200
    size +4096k
    create 640 root root
    postrotate
        /etc/init.d/syslog reload
    endscript
}
With that done, I restarted the syslog-ng service:
# /etc/init.d/syslog stop
# /etc/init.d/syslog start
#sample syslog-ng.conf for a remote client
source s_local { internal(); unix-stream("/dev/log"); file("/proc/kmsg" log_prefix("kernel: ")); };
destination d_loghost { tcp("IP_DO_SERVIDOR_DE_LOG" port(514)); };
log { source(s_local); destination(d_loghost); };
*.* @IP_DO_SERVIDOR_DE_LOG
I restarted the service:
# /etc/init.d/syslog stop
# /etc/init.d/syslog start
And the logs started being sent to the log server.