Configuring Syslog Startup and Forwarding
Forwarding Syslog Messages
The discovered resources must be configured to forward the syslog messages to the server to enable syslog monitoring.
- The system (Linux/Solaris/routers) forwards the syslog messages to the server.
- The server listens on UDP port for these messages.
In this topic, we have provided examples to forward syslog messages from a Linux device and a router to the OpManager server.
Example: Forwarding Syslog Messages From Linux Device
Following is an example explaining how to configure a Linux device to forward syslog messages to the OpManager server.
- Log on to the Linux device (whose messages you want to forward to the server) as a super user.
- Enter the command - vi /etc/syslog.conf to open the configuration file called syslog.conf.
- Enter *.* and press the Tab key and enter the name of the host machine where the server is running.
Restart the syslog service using the command /etc/rc.d/init.d/syslog restart.
For example, *.* @test
If the OpManager server is running in a Linux device, you need to make the following configuration in the server to receive the forwarded messages.
- In Linux devices, by default, the syslog daemon occupies the port 514. This port must be freed in the machine where the OpManager server is running, so that it listens for syslog messages at 514 port. You can change the port number for the syslog daemon so that port 514 can be used by the server. The steps are explained below.
- Log into the Linux device (where the OpManager server is running) as a super user.
- Enter the command vi /etc/services to open the file.
- In the services file, all the services and their corresponding port numbers are listed. Under the Unix-specific services, the syslog service will be listed, with its port as 514/udp. Ensure that the port number is not occupied by some other service (you can configure a different port if the default port is occupied).
- Restart the syslog service using the command /etc/rc.d/init.d/syslog restart.
Example: Forwarding Syslog Messages From Routers
To enable syslog monitoring in router and redirect the log message to the syslog server:
- Telnet to the router machine as telnet <router>.
- Type the command enable at the prompt to set to 'enable' mode.
- You will be prompted to enter the password. Enter the correct password.
- Now, type the command config at the prompt.
- Choose terminal configuration.
- After this, type logging <IP address of the host device where OpManager server is running> at the command prompt. For example, logging <192.168.5.120>. This is done to enable forwarding of messages to the OpManager server.
After the above steps are performed, the router logs the syslog messages onto the server at port 514 by default.