Collect logs of Linux/Unix from Syslog-NG
We have many (around 50) Linux and HP Unix systems in our environment. All these systems are integrated and thus sending logs to one central Syslog-NG (Syslog-NG, Premium Edition, V4.0, OS: RHEL 5.5) system. We would like to collect the logs of these Linux and HP Unix systems from this Syslog-NG.
Please let me know what configuration I have to do in Syslog-NG and RSA enVision. Thanks.
We just set our syslog-ng server to relay all logs to enVision. Few systems required any extra work in enVision for this to work correctly.
Oracle logging via syslog was a challenge and required some customization, which I can dig up if it would be useful to you. I will caution that Oracle 10.2.0.4 logs via syslog are missing significantly useful information that is present in file-based or database-sourced logs.
Thanks for your reply.
Would you please share with me any link/doc on how we can enable relay on the syslog-ng server? We are using Syslog-NG 4.0 with RHEL 5.5.
I would be more than happy if you can help me out to optimally collect the Oracle logs. We suspect that we will face performance issues while integrating the Oracle database with enVision. We are also not sure where to start or what level of logs we should start with from the Oracle databases to do some correlation.
I would appreciate it if you can give me some help with this. Thanks in advance.