Building from sources
Running syslog-ng (OS X)
Unload standard syslog daemon
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.syslogd.plist
Load syslog=ng daemon
sudo launchctl load -w /Library/LaunchDaemons/org.macports.syslog-ng.plist
Configure syslog-ng
(MacPorts) /opt/local/etc/syslog-ng.conf
(Rest of the world) /usr/local/etc/syslog-ng.conf
Example
Another Example
MySQL DB Example
Deployment
Seems the only practical deployment model is to replace default syslog installation, duplicate existing syslog configuration and then add new syslog-ng specific features.
require 'syslog'
log = Syslog.open('ftpd', Syslog::LOG_PID | Syslog::LOG_NDELAY,Syslog::LOG_FTP)
log.mask = Syslog::LOG_UPTO(syslog::LOG_ERR)
Most approaches seem to use some variant of syslog + remote access
Enhanced version of syslog syslog-ng.
Centralized (aka remote) syslog discussion and tutorial. Another article.
Adding new facilities – apparently not just a configuration issue.
- Facilities are defined in /usr/include/syslog.h
- Looks like it’s pretty involved
- Probably better to use local0 – local7
Managing the daemon – Linux
- /etc/init.d/syslog restart / reload
Managing the daemon – OS X
- OS X – enabling remote syslog access – article
- /System/Library/LaunchDaemons/com.apple.syslogd.plist
- # launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist
- # launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist
Enable remote logging – Linux
- /sbin/syslogd -r
- Probably edit somewhere like /etc/init.d/syslog and/or /etc/sysconfig/syslog
Testing syslog setups manually
- logger -p local3.debug [message]
Uncategorized | tracy | 
December 6, 2008 4:21 pm | 
Comments (0) 
Subscribe