booteasy / syslog

[sektie]

> Completely unrelated i know, but I am having problems finding how to 
> setup sysogd to accept logs from a remote host, in this case a 
> gateway router at another site. Just a link to   a good how-to would 
> help. I have googled but to no avail.

I have something set up to do that.

Host 1: sacrifical-lamb, running OpenBSD 3.2. (not a fan of OpenBSD, 
obviously.) syslogd is listening on port 514. On your log server, verify 
that when you do a netstat -an you have the following:

udp        0      0  *.514                  *.*

AFAIK, all you have to do is verify that syslogd is running with the -a flag 
to specify an allowed IP. (man syslogd for exact syntax). 

Host 2: perlpimp, running FreeBSD 5. In my syslog.conf, I have a line that 
looks like:

*.*					@sacrificial-lamb

This makes perlpimp log *.* to sacrificial lamb. It's pretty easy to set up, 
providing you don't have any whackass firewalling or other weird stuff going 
on.


Randi