News:

On Tuesday September 6th the forum will be down for maintenance from 9:30 PM to 11:59 PM PDT

Main Menu

Obihai Syslog Server Program for MAC

Started by beuris, May 16, 2011, 04:34:37 PM

Previous topic - Next topic

beuris

can anybody tell me where can I get a Syslog Server for Mac.

Thanks!

krpan

Syslog server is already provided with every OS X machine. It is configured using /etc/syslog.conf file (it is a plain text file)

However you must first setup the server to accept remote syslog messages:
http://superuser.com/questions/131578/how-do-you-enable-syslogd-to-accept-incoming-connections-on-snow-leopard-from-rem
If you are running Snow Leopard pay attention to the second answer in the above listed link.

After that you will probably want to make some changes to /etc/syslog.conf file in order to capture all the syslog message from OBI to a file of its own. Thankfully Apple uses FreeBSD syslogd so to accomplish that you should modify your /etc/syslog.conf file to look something like this (provided that you currently have stock syslog.conf file and OBI's IP is 111.222.333.444):


-111.222.333.444
*.notice;authpriv,remoteauth,ftp,install,internal.none /var/log/system.log
kern.* /var/log/kernel.log

# Send messages normally sent to the console also to the serial port.
# To stop messages from being sent out the serial port, comment out this line.
#*.err;kern.*;auth.notice;authpriv,remoteauth.none;mail.crit /dev/tty.serial

# The authpriv log file should be restricted access; these
# messages shouldn't go to terminals or publically-readable
# files.
auth.info;authpriv.*;remoteauth.crit /var/log/secure.log

lpr.info /var/log/lpr.log
mail.* /var/log/mail.log
ftp.* /var/log/ftp.log
install.* /var/log/install.log
install.* @127.0.0.1:32376
local0.* /var/log/appfirewall.log
local1.* /var/log/ipfw.log

*.emerg *
-*

#Direct all syslog messages from OBI to a single file
+111.222.333.444
*.* /var/log/obi.log
+*


Finally you should create the file /var/log/obi.log (e.g. use command 'sudo touch /var/log/obi.log' in the terminal window) and then restart syslog again in terminal window:
sudo launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist
sudo launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist


Or you can just reboot the computer after you've created the empty log file.

Since advance features of syslogd used by apple are not documented here is another link that may be of use in configuring syslog.conf file on OS X:
http://macosx.com/forums/howto-faqs/47791-howto-syslog-remote-events-etc.html