Sending syslog Output to Another Host
.7.1 Problem
You want to send a name servers syslog output to another host.
.7.2 Solution
Add a line to your hosts syslog.conf file, telling syslogd to send messages logged in the facility the name server uses -- usually daemon -- to a remote host. For example, to send facility daemon messages to a remote host called loghost.foo.example, you could add this entry to syslog.conf:
daemon.info @loghost.foo.example
.7.3 Discussion
On the remote host, you may need to change syslogds command-line options to accept messages logged from the host that runs the name server. On some operating systems, you specify the address of a remote host thats allowed to log messages via syslog using syslogds -a command-line option. For example, to allow messages logged from the host at 192.168.0.1, you could start syslogd as:
# syslogd -a 192.168.0.1/32
To allow messages logged from any host on the 192.168.0/24 network, you could use:
# syslogd -a 192.168.0/24
To specify multiple addresses or networks, use multiple -a options.
If you just want to send nameds logged output to the remote host -- not everything logged to the daemon facility -- redefine the default_syslog channel to use one of the local facilities, local0 to local7. For example:
logging { channel default_syslog { syslog local0; }; };
For a BIND 8 name server, youll need to create a new syslog channel, as described in Section 10.6, since you can redefine default_syslog.
Then add an entry to syslog.conf to send all messages in the facility to the remote host:
local0.* @loghost.foo.example
Aggregating the syslog output from all of your BIND name servers on a single host can make monitoring those name servers much easier: you only have one syslog file to watch.
.7.4 See Also
syslogd(8), syslog.conf(5), and Section 10.6, for defining a new channel for default syslog messages.
Категории