How to configure a remote syslog on Red Hat Enterprise Linux 5 to accept logs from Brightmail gateway

book

Article ID: 180640

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

 

Resolution

It is possible to configure Symantec Messaging Gateway to send Scanner log data to a remote syslog.

1. login to RHEL5 as root
2. vi /etc/sysconfig/syslog
3. find the following line and add -r to the options.
Before: SYSLOGD_OPTIONS="-m 0"    
After:  SYSLOGD_OPTIONS="-m 0 -r"
4. save and exit the file
5. run as root
# service syslog restart
6. check the syslog in listening on udp port 514
# netstat -nul | grep 514

7. By default the remote syslog will redirected to /var/log/messages, this is defined in /etc/syslog.conf
8. Refer to HOWTO54067 on how to enable remote syslog on SBG side.
9. on RHEL5, run following command to check the logs in real time.

# tail -f /var/log/messages

10. About log format of Conduit, Brightmail Client, Brightmail Engine, JLU Controller, please refer to HOWTO53616.
11. It is possible to direct SMG logs of different components into different files on RHEL5 side but that is out of scope for this article.