This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: sshd timestamp logging


On 2/26/07, DePriest, Jason R. <jrdepriest@gmail.com> wrote:
Read the book!
First lines of /usr/share/doc/Cygwin/syslog-ng.README

If you want to use syslog-ng, just run the /usr/bin/syslog-ng-config
script.  This script will create a default configuration file
/etc/syslog-ng.conf and it will install syslog-ng as a service on NT
systems on request.


Okay, I got it to work and am posting how I did it in case some poor soul like myself runs into the same problem.

1) use the setup.exe to install the syslog-ng package

2) run: $/usr/bin/syslog-ng-config
   follow the prompts and install as a service

3) read the help on the syslog-ng.conf (man syslog-ng.conf)
      define sources, destinations, filters (if necessary) and connect them with "log" statements


3) edit the /etc/syslog-ng.conf file and add the following source:
   udp(ip("127.0.0.1") port(514)); # ip: localhost, port 514 is syslog, look in /etc/services for definitions of other ports

4) remember to hook up the source to a destination (like messages)

5) save, and start the syslog-ng service (cygrunsrv -S syslog-ng)

troubleshooting:

If the service fails to start make sure that SYSTEM or whoever you run
the syslog-ng service as can read/write /var/log/syslog-ng.log.

If the service starts but is not logging messages, restart the service
with the -d argument (debug) and run a tail -f /var/log/syslog-ng.log
to see more helpful messages as they appear.




-- -Andrew Louie
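
The following is an added example, not part of the original message or of the syslog-ng package: a small Python check for the two things the steps above depend on, namely that every source and destination is referenced by a "log" statement and that the udp() source is bound to loopback. The names s_local and s_extra, the file path and the sample configuration are constructed for illustration, and the parser only handles this simple block layout.

```python
import re

# Constructed sample (not from the original post): the loopback source from
# the steps above, plus a second source that was defined but never hooked up.
SAMPLE_CONF = '''
source s_local { udp(ip("127.0.0.1") port(514)); };   # ip: localhost
source s_extra { udp(port(514)); };                   # no ip(): all interfaces
destination messages { file("/var/log/messages"); };
log { source(s_local); destination(messages); };
'''

BLOCK = re.compile(r'\b(source|destination)\s+(\w+)\s*\{(.*?)\}\s*;', re.S)
LOG = re.compile(r'\blog\s*\{(.*?)\}\s*;', re.S)
REF = re.compile(r'\b(source|destination)\s*\(\s*(\w+)\s*\)')
UDP = re.compile(r'\budp\s*\((.*?)\)\s*;', re.S)
IP = re.compile(r'\bip\s*\(\s*"?([^")\s]+)"?\s*\)')


def lint(conf_text):
    """Return a list of findings for a syslog-ng.conf given as a string."""
    text = re.sub(r'#.*', '', conf_text)           # drop comments
    defined = {'source': {}, 'destination': {}}
    for kind, name, body in BLOCK.findall(text):
        defined[kind][name] = body
    used = {'source': set(), 'destination': set()}
    for body in LOG.findall(text):                 # names inside log { ... };
        for kind, name in REF.findall(body):
            used[kind].add(name)
    findings = []
    for kind in ('source', 'destination'):
        for name in defined[kind]:
            if name not in used[kind]:
                findings.append(f'{kind} {name}: not used in any log statement')
    for name, body in defined['source'].items():
        for args in UDP.findall(body):
            m = IP.search(args)
            addr = m.group(1) if m else '0.0.0.0'  # udp() without ip() binds all
            if addr not in ('127.0.0.1', 'localhost'):
                findings.append(f'source {name}: udp listens on {addr}, not loopback')
    return findings


if __name__ == '__main__':
    for line in lint(SAMPLE_CONF):
        print(line)
```

An unreferenced source is one cause of the "service starts but is not logging messages" symptom, and a udp() source without ip("127.0.0.1") accepts syslog datagrams from any host that can reach port 514.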
