Troubleshooting Remote Syslog and Forwarding

https://systemwrights.org/wordpress/?p=444

A sequence of checks that help troubleshoot log forwarding:

Know the network addresses of the source and destinations. Ping them or traceroute them.

On Each System Do The Following:

Run netstat -tulpn | grep 514 (substitute the port you expect to see)

Run ps ax | grep syslog
or
Run ps ax | grep rsyslog

In either case you should see that your syslog daemon is running, either listening or sending.

IF NOT:

On each system, check /etc/rsyslog.conf and any includes found in the /etc/rsyslog.d/ subdirectory. They must include the module load statements so that the ports (UDP/TCP) or socket are opened. Try this command
rsyslogd -d
to get debug output from the syslog daemon. It will show what worked and what did not. Double-check the port numbers and addresses of the source and destination systems in each system's config. TCP port, UDP port, UNIX socket, and config numbers have to match up at both ends.

After Any Reconfiguration:

Hopefully changes are made one at a time, with a test run after each to see whether that attempt succeeded. Remember that services need to be restarted after any change so that the change is picked up by the application.

MY FAVORITE GOTCHA TODAY:
In the forward statement

*.* @[ip|host] sends UDP

and

*.* @@[ip|host] sends TCP.
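
A check for the two mismatches described above (a forward action whose @ or @@ does not agree with the protocol the destination listens on, or port numbers that differ between the two ends), as an added example that is not from the original post. The function names, the sample configs and the 192.0.2.10 address are constructed, and the parser assumes one directive per line with type before port in input() statements.

```python
import re

# Constructed sample configs (not from the post); 192.0.2.10 is a documentation address.
SENDER_CONF = "# source: /etc/rsyslog.d/forward.conf\n*.* @@192.0.2.10:514\n"
RECEIVER_CONF = '# destination: /etc/rsyslog.conf\nmodule(load="imudp")\ninput(type="imudp" port="514")\n'

# Legacy forward action: selector, then @ (UDP) or @@ (TCP), host, optional :port.
FORWARD = re.compile(r'^\S+\s+(@@?)(?:\([^)]*\))?(\[[^\]]+\]|[^\s:;]+)(?::(\d+))?')
# Listener in the newer syntax; assumes type= comes before port= on one line.
NEW_INPUT = re.compile(r'input\(\s*type="im(udp|tcp)".*?port="(\d+)"', re.I)
# Listener in the legacy syntax: $UDPServerRun / $InputTCPServerRun <port>.
OLD_INPUT = re.compile(r'^\$(?:(UDP)ServerRun|Input(TCP)ServerRun)\s+(\d+)', re.I)

def _lines(conf):
    """Config lines with blanks and comments dropped."""
    stripped = (line.strip() for line in conf.splitlines())
    return [line for line in stripped if line and not line.startswith("#")]

def forwards(conf):
    """Return (proto, host, port) for each '@'/'@@' forward action."""
    out = []
    for line in _lines(conf):
        m = FORWARD.match(line)
        if m:
            proto = "tcp" if m.group(1) == "@@" else "udp"
            out.append((proto, m.group(2), int(m.group(3) or 514)))  # 514 is the default port
    return out

def listeners(conf):
    """Return the set of (proto, port) pairs opened by imudp/imtcp."""
    found = set()
    for line in _lines(conf):
        m = NEW_INPUT.search(line)
        if m:
            found.add((m.group(1).lower(), int(m.group(2))))
        m = OLD_INPUT.match(line)
        if m:
            found.add(((m.group(1) or m.group(2)).lower(), int(m.group(3))))
    return found

def mismatches(sender_conf, receiver_conf):
    """Forward actions on the sender with no matching listener on the receiver."""
    open_ports = listeners(receiver_conf)
    return [f for f in forwards(sender_conf) if (f[0], f[2]) not in open_ports]

if __name__ == "__main__":
    for proto, host, port in mismatches(SENDER_CONF, RECEIVER_CONF):
        print(f"sender forwards {proto}/{port} to {host}; receiver has no {proto}/{port} input")
```

With the constructed configs, the sender forwards over TCP while the destination only opens UDP 514, so the forward action is reported as unmatched.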

The “Novice Threat”?

Novice threat…

Bernard Lambert

The idea that novice or inexperienced people pose a threat belies the fact that the process to get those individuals to mastery is a very secure method due to the process of passing through those apprentice, novice, journeyman, and master programs. Absent that, how will one read about it, write about it, talk about it, and do it?



In IT, certification is insufficient without seat time at the consoles of those tools and devices. The addition of deep problem-solving skills and a great deal of experience are the necessary requirements of these complex IT jobs.

For those new to IT, the question is often “How will they get any experience when locked out of job experience?”

Your thoughts please

Welcome

“…comment on technology’s impact..”

This blog is used to comment on technology’s impact upon our lives.

The term “blog” came from the Internet technology accompanying the World Wide Web service.  The “Web Log” or the log created by users of web services became the “Blog” for short.

The Internet was created to disseminate information electronically and has grown exponentially since its inception.  Blogging has become one of the mainstay methods of the presentation of ideas and the dialogs that accompany them as they are presented, expanded, edited, critiqued, et al.

Please enjoy this blog.  Keep it clean.  Enjoy your free speech.  Offer your ideas rather than bludgeon everyone with your opinion.