{"id":1215,"date":"2016-11-25T09:42:13","date_gmt":"2016-11-25T08:42:13","guid":{"rendered":"http:\/\/diablo.craem.net\/?p=1215"},"modified":"2016-11-25T09:42:13","modified_gmt":"2016-11-25T08:42:13","slug":"servidor-syslog-centralizado-debian-jessie","status":"publish","type":"post","link":"https:\/\/diablo.craem.net\/?p=1215","title":{"rendered":"Servidor syslog centralizado debian jessie"},"content":{"rendered":"

Desde hace tiempo, me gusta centralizar los logs en una sola m\u00e1quina…. por ejemplo, donde tengo el nagios.
\nla m\u00e1quina base es una debian jessie pelada y instalamos el syslog-ng:
\n
\napt-get install syslog-ng
\n<\/code>
\nY ahora modificamos el fichero \/etc\/syslog-ng\/syslog-ng.conf<\/strong>
\n
\noptions { chain_hostnames(yes); flush_lines(0); use_dns(no); use_fqdn(no);
\n owner(\"root\"); group(\"adm\"); perm(0640); stats_freq(0);
\n create_dirs(yes)<\/strong>; bad_hostname(\"^gconfd$\");
\n};
\n########################
\n# Sources
\n########################
\n# This is the default behavior of sysklogd package
\n# Logs may come from unix stream, but not from another machine.
\n#
\nsource s_src {
\n system();
\n internal();
\n};
\n# If you wish to get logs from remote machine you should uncomment
\n# this and comment the above source line.
\n#
\n#source s_net { tcp(ip(127.0.0.1) port(1000)); };
\nsource syslog_udp {
\n udp(port(514));
\n};<\/strong>
\n.
\n.
\n.
\n.
\n.
\n# Debian only
\ndestination d_ppp { file(\"\/var\/log\/ppp.log\"); };
\n# Dest\u00ed\u00ad logs Mikrotiks
\ndestination clientslogs {
\n file(\"\/var\/log\/logscraem\/$YEAR$MONTH$DAY\/$HOST.auth\");
\n };<\/strong>
\n.
\n.
\n.
\n.
\nlog {
\n source(syslog_udp);
\n destination(clientslogs);
\n};<\/strong>
\n<\/code>
\nNos crearemos un directorio por d\u00ed\u00ada y un fichero por dispositivo.
\nReiniciamos el syslog-ng y listo.<\/p>\n","protected":false},"excerpt":{"rendered":"

Desde hace tiempo, me gusta centralizar los logs en una sola m\u00e1quina…. por ejemplo, donde tengo el nagios. la m\u00e1quina base es una debian jessie pelada y instalamos el syslog-ng: apt-get install syslog-ng Y ahora modificamos el fichero \/etc\/syslog-ng\/syslog-ng.conf options { chain_hostnames(yes); flush_lines(0); use_dns(no); use_fqdn(no); owner(\u00abroot\u00bb); group(\u00abadm\u00bb); perm(0640); stats_freq(0); create_dirs(yes); bad_hostname(\u00ab^gconfd$\u00bb); }; ######################## # Sources […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[58,102,180],"class_list":["post-1215","post","type-post","status-publish","format-standard","hentry","category-linux","tag-debian","tag-linux-2","tag-syslog"],"_links":{"self":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/1215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1215"}],"version-history":[{"count":0,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/1215\/revisions"}],"wp:attachment":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}