Setting up a log server on a host to collect Radware LP1000 logs

Posted 2008-06-23 17:53
1) Enabling Acceptance of UDP Messages from Remote Systems
     The following commands enable syslogd to accept entries from
     remote systems.
       # svccfg -s svc:/system/system-log setprop config/log_from_remote = true
       # svcadm refresh svc:/system/system-log
      
2) Syslog uses destination UDP port 514. The RFC recommends that the source port also be set to 514.
3) On the Solaris host:
     # cd /var/log
     # touch /var/log/lp61.log
4) Modify /etc/syslog.conf:
root@MDPP2
# vi /etc/syslog.conf
"/etc/syslog.conf" 37 lines, 1062 characters
#ident  "@(#)syslog.conf        1.5     98/12/14 SMI"   /* SunOS 5.0 */
#
# Copyright (c) 1991-1998 by Sun Microsystems, Inc.
# All rights reserved.
#
# syslog configuration file.
#
# This file is processed by m4 so be careful to quote (`') names
# that match m4 reserved words.  Also, within ifdef's, arguments
# containing commas must be quoted.
#
*.err;kern.notice;auth.notice                   /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages
*.alert;kern.err;daemon.err                     operator
*.alert                                         root
*.emerg                                         *
# if a non-loghost machine chooses to have authentication messages
# sent to the loghost machine, un-comment out the following line:
#auth.notice                    ifdef(`LOGHOST', /var/log/authlog, @loghost)
mail.debug                      ifdef(`LOGHOST', /var/log/syslog, @loghost)
#
# non-loghost machines will use the following lines to cause "user"
# log messages to be logged locally.
#
ifdef(`LOGHOST', ,
user.err                                        /dev/sysmsg
user.err                                        /var/adm/messages
user.alert                                      `root, operator'
user.emerg                                      *
)
#receive the radware linkproof syslog
local6.debug    /var/log/lp61.log
local6.info     /var/log/lp61.log
local6.warning  /var/log/lp61.log
local6.emergency        /var/log/lp61.log   ; note: a Tab should be typed after local6.debug
"/etc/syslog.conf" 41 lines, 1169 characters
root@MDPP2
#
5) On the Radware LinkProof:
services-syslog reporting->syslog operation: enable
                           syslog station address: 10.200.42.4
                           syslog station: local use 6
                           syslog source port: 514
6) On the Solaris host (Dns1):
To stop the syslogd daemon, perform the command:
# svcadm disable svc:/system/system-log:default
To start the syslogd daemon, perform the command:
# svcadm enable svc:/system/system-log:default
7) Check the log file:
root@MDPP2
# tail -f lp61.log
Apr 20 16:33:33 [10.200.42.61.2.2] last message repeated 1 time
Apr 20 16:33:33 [10.200.42.61.2.2] last message repeated 1 time
Apr 20 16:33:38 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:18 INFO Access attempted by unauthorized NMS
Apr 20 16:33:38 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:18 INFO Access attempted by unauthorized NMS
Apr 20 16:33:43 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:23 INFO Access attempted by unauthorized NMS
Apr 20 16:33:43 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:23 INFO Access attempted by unauthorized NMS
Apr 20 16:33:48 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:28 INFO Access attempted by unauthorized NMS

This article comes from a ChinaUnix blog; to view the original, see: http://blog.chinaunix.net/u1/52003/showart_1009568.html
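
An added example, not part of the original post: Python code that parses the lp61.log lines shown in step 7, skips syslogd's "last message repeated" lines and exact duplicate records, counts "unauthorized NMS" events per reporting source, and measures the gap between the loghost's receive time and the device's own timestamp. The function names are illustrative, the sample lines are copied from the post, and the year missing from the syslog header is assumed to match the device's year.

```python
import re
from collections import Counter
from datetime import datetime

# Sample lines copied from the tail output in step 7 of the post.
SAMPLE = """\
Apr 20 16:33:33 [10.200.42.61.2.2] last message repeated 1 time
Apr 20 16:33:38 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:18 INFO Access attempted by unauthorized NMS
Apr 20 16:33:38 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:18 INFO Access attempted by unauthorized NMS
Apr 20 16:33:43 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:23 INFO Access attempted by unauthorized NMS
Apr 20 16:33:43 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:23 INFO Access attempted by unauthorized NMS
Apr 20 16:33:48 [10.200.42.61.2.2] LinkProof: 20-04-2008 10:21:28 INFO Access attempted by unauthorized NMS
"""

LINE = re.compile(
    r"^(?P<recv>\w{3} +\d+ \d\d:\d\d:\d\d) \[(?P<src>[^\]]+)\] LinkProof: "
    r"(?P<dev>\d\d-\d\d-\d{4} \d\d:\d\d:\d\d) (?P<sev>[A-Z]+) (?P<msg>.*)$"
)

def parse(text):
    """Return unique LinkProof events; non-matching and duplicate lines are skipped."""
    seen, events = set(), []
    for raw in text.splitlines():
        line = raw.strip()
        m = LINE.match(line)
        if not m or line in seen:
            continue
        seen.add(line)
        dev = datetime.strptime(m["dev"], "%d-%m-%Y %H:%M:%S")
        # Assumption: the syslog header carries no year, so reuse the device's.
        recv = datetime.strptime(f"{dev.year} {m['recv']}", "%Y %b %d %H:%M:%S")
        events.append({"src": m["src"], "sev": m["sev"], "msg": m["msg"],
                       "device_time": dev, "skew": recv - dev})
    return events

def unauthorized_nms(events):
    """Count 'unauthorized NMS' access attempts per reporting source."""
    return Counter(e["src"] for e in events
                   if "unauthorized NMS" in e["msg"])

if __name__ == "__main__":
    evs = parse(SAMPLE)
    print(unauthorized_nms(evs))
    print("max skew:", max(e["skew"] for e in evs))
```

On the post's sample this yields three distinct events from 10.200.42.61.2.2, each received 6:12:20 after the device's own timestamp, an offset to account for when correlating LinkProof events with other logs.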