I tried to config syslog server by hand not use the agent,just use log insight as the syslog server of linux(CentOS 5.5).I've got 3 problems.
preparation:
client machine: centOS 5.5(one),IP:192.168.157.129
server machine: Log Inisght virtual machine(one) IP:193.168.30.64
config syslog server for client machine steps :
1. modify the config files of client machine /etc/syslog.conf
2. use command (service syslog restart) to restart syslog service.
there are 3 problems:
①When modify config files(/etc/syslog.conf),it needs to specify the path for the log(server side).So, which path we should choose for the config syslog files in Log Insight server?
②for instance,the answer of ① is /var/log/syslog,the configuration of client machine as follows is correct?
⑴ modify the config files of client machine (/etc/syslog.conf)
⑵before be modified : *.info;mail.none;authpriv.none;cron.none /var/log/messages
⑶after modified :*.info;mail.none;authpriv.none;cron.none /var/log/syslog@193.168.30.64
③as the configuration aboved(②),we have modified /etc/syslog.conf of the client machine,then use (service syslog restart) to restart the service.
After the configuration,the log insight can collect and analyse logs from the client machine? if it can't,is there any configuration i missed?
Actually ,i have configed like aboved,the log insight can't collect the logs from the client machine(192.168.157.129)....
I'm looking forward to your response ..Thank you very much!!