Hi Trevor,
On Thu, 2004-11-04 at 09:02, Trevor Warren wrote:
In my network consisting of purely AIX/Gnu-Linux/HP-UX i have to provide a single console for monitoring all logs and trigger an alert/alarm as soon as a particular message comes up in the logs. These logs will be both system and application logs and hence the messages to be tracked has to be customisable.
Syslog on GNU/Linux support remote logging.
From syslogd man page
-r This option will enable the facility to receive message from the network using an internet domain socket with the syslog service (see services(5)). The default is to not receive any messages from the network.
So on your log (central) server, you can start syslogd with above option.
On the clients from where you want to collect logs, you would possibly give following entry in syslog.conf
From syslog.conf man page
*.* @finlandia
This rule would redirect all messages to a remote host called finlandia. This is useful especially in a cluster of machines where all syslog messages will be stored on only one machine.
Lemme know if someone has had this problem solved before or has any inkling of what appln we can make use of.
As for the an application which does not you syslog for logging, you have to consult that application's documentation.
I have no clue about other OS except GNU/Linux.
Trevor
HTH With regards,