Logging data with syslog-ng

Introduction

Syslog-ng ("New generation") is an enhanced alternative to the venerable syslog server.

Setup

1. /etc/rc.d/init.d/syslog stop
2. chkconfig syslog off
3. yum install syslog-ng
4. chkconfig syslog-ng on
5. vi /etc/syslog-ng/syslog-ng.conf:
   
   source s_network {
             tcp(max-connections(5000));
             udp();
   };
   
   destination d_network {
             file ("/var/log/syslog-ng/$HOST.log");
   };
   
   filter f_filter10   { level(info..emerg); };
   
   log { source(s_network);
       filter(f_filter10);
       destination(d_network);
   };
6. mkdir /var/log/syslog-ng/
7. tail -f /var/log/syslog-ng/192.168.0.253.log

Resources

• syslog-ng examples
• Syslog-ng FAQ
• "Metalog is a modern replacement for syslogd and klogd"
• Logging with syslog-ng
• Centraliser ses logs avec Syslog-ng