Friday, Aug 26, 2011

Configuring Syslog-ng on Ubuntu

Syslog-ng is a replacement for the default syslog daemons that ship with most Linux distributions. Its configuration is easier to understand, and it gives the sysadmin numerous advantages, especially in complex environments.

Let's say we have a RADIUS environment that can send authentication and accounting information through syslog to external devices, and let's assume that a relevant part of this syslog information is needed by a department within a large corporation.

Installing syslog-ng (on Ubuntu) is done by the following command:

$ sudo apt-get install syslog-ng

With syslog-ng we can store and/or forward syslog information based on criteria including (but not limited to):

  • source IP address
  • destination IP address
  • syslog level
  • content in the original syslog message by using regular expressions.

All this can be configured in the /etc/syslog-ng/syslog-ng.conf file.
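
As an added illustration (not part of the original post), the fragment below shows how those criteria could be combined for the RADIUS scenario above. All object names, IP addresses (documentation ranges), the log path and the message pattern are constructed assumptions, not values from the original setup.

```conf
# Added example: append to /etc/syslog-ng/syslog-ng.conf (syslog-ng 3.x syntax).
# Every name, address and pattern here is a constructed placeholder.

# Destination IP address: listen only on one local address of the log host.
source s_radius_net {
    udp(ip("192.0.2.1") port(514));
};

# Source IP address: accept only messages sent by the RADIUS server.
filter f_from_radius { netmask("192.0.2.10/32"); };

# Syslog level: keep info and everything more severe.
filter f_level { level(info..emerg); };

# Message content: regular expression on the message text
# (assumed wording of the authentication messages).
filter f_auth_events { message("Login (OK|incorrect)"); };

# Store locally ...
destination d_radius_file {
    file("/var/log/radius/auth.log" create_dirs(yes));
};

# ... and forward the same subset to the department's collector.
destination d_department {
    udp("198.51.100.20" port(514));
};

# A message must pass all three filters to reach either destination.
log {
    source(s_radius_net);
    filter(f_from_radius);
    filter(f_level);
    filter(f_auth_events);
    destination(d_radius_file);
    destination(d_department);
};
```

Check the file with `syslog-ng --syntax-only` before restarting the daemon. The `netmask()` filter matches the sender address of the UDP packet, which is not authenticated, so it should be backed by network-level filtering between the RADIUS server and the log host.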
