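Reposting an article about syslog-ng. I had originally planned to write one myself, but this article is very detailed, so I am reposting it here. I will add some notes of my own later.
First, my own understanding of syslog-ng: it is used for centralized log management and can filter logs.
Original article: http://www.linuxfly.org/read.php?171
The configuration and use of the sysklog suite were covered in detail earlier. That suite is fairly old, though, and many of its features are incomplete, while system logs are critical reference information for system maintenance. We can use syslog-ng (the next-generation system logging tool) to replace the original sysklog service. syslog-ng can filter log messages with regular expressions and supports host chaining, among other features, all of which help us manage hosts better.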
Everyone who works with logs has at some point needed to separate the logs of various daemons into individual files and to log iptables actions. In this post we will set up syslog-ng, a system logger, to do that. Log files will be separated by service (DNS daemon, DHCP daemon, …), by logged iptables actions, and by month and year.
How to log iptables?
In the chain where logging is desired, for example logging of dropped packets, we add a logging rule to the end of the chain (valid for iptables with an implicit DROP policy on the INPUT chain). If you don't want to drive your router/server crazy, set a limit on logged packets.