Centralized System Logger

You need to install syslog-ng on all of your server machines (ns1, ns2, web, mysql, mail). You will need to send the system logs for each of these to a centralized system logging server that you have set up (logger should have a static IP address next to your server IP addresses). Each system should have its own log file on the new server (e.g. /var/log/ns1/system.log). (DON'T USE THE FANCY TIMESTAMP CODES AS DEPICTED IN THE SLIDES)

Make sure you copy my ssh key to your new logger machine.

In addition to the syslogs above, you should create filters on the logger that will separate out the following log files:

You should also set up logrotate to rotate these newly created logs if they ever get over 100K in size. Logs should also be compressed, and no more than 5 logs' worth should be saved. Don't compress the first backup.
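A sketch of the logger-side syslog-ng configuration for the per-system files described above, as an added example that is not part of the original assignment. The include-file path, the `192.0.2.x` addresses, the TCP port and the `s_src` source name are assumptions; the file paths follow the sample report further down the page.

```conf
# Added example: logger-side include file, e.g. /etc/syslog-ng/conf.d/central.conf
# (path and every 192.0.2.x address are placeholders, not values from the page).

# Listen for logs forwarded by the five servers.
source s_net {
    network(ip("0.0.0.0") port(514) transport("tcp"));
};

# Match on the sender's source address rather than on the hostname carried
# inside the message, because the sender controls that field.
filter f_ns1   { netmask("192.0.2.11/32"); };
filter f_ns2   { netmask("192.0.2.12/32"); };
filter f_http  { netmask("192.0.2.13/32"); };
filter f_mysql { netmask("192.0.2.14/32"); };
filter f_smtp  { netmask("192.0.2.15/32"); };

# One static file per system; create-dirs() creates /var/log/<name>/ on first write.
destination d_ns1   { file("/var/log/ns1/system.log"   create-dirs(yes)); };
destination d_ns2   { file("/var/log/ns2/system.log"   create-dirs(yes)); };
destination d_http  { file("/var/log/http/system.log"  create-dirs(yes)); };
destination d_mysql { file("/var/log/mysql/system.log" create-dirs(yes)); };
destination d_smtp  { file("/var/log/smtp/system.log"  create-dirs(yes)); };

log { source(s_net); filter(f_ns1);   destination(d_ns1);   };
log { source(s_net); filter(f_ns2);   destination(d_ns2);   };
log { source(s_net); filter(f_http);  destination(d_http);  };
log { source(s_net); filter(f_mysql); destination(d_mysql); };
log { source(s_net); filter(f_smtp);  destination(d_smtp);  };

# Cron messages from every host, collected in a single file.
filter f_cron { facility(cron); };
destination d_cron { file("/var/log/all_cron.log"); };
log { source(s_net); filter(f_cron); destination(d_cron); };

# On each client (in that machine's own syslog-ng config): forward the local
# source to the logger. "s_src" is the Debian default local source name (assumption).
# destination d_logger { network("192.0.2.10" port(514) transport("tcp")); };
# log { source(s_src); destination(d_logger); };
```

Running `syslog-ng --syntax-only` on the logger checks the configuration for errors before the service is restarted.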


Create a report with the following elements:

The file must be named log_info.txt.

dns1_ip: ip_address_of_master_dns_system
dns2_ip: ip_address_of_slave_dns_system
smtp_ip: ip_address_of_smtp_system
http_ip: ip_address_of_http_system
mysql_ip: ip_address_of_mysql_system
logger_ip: ip_address_of_logger_system
dns1_syslog: location of dns syslog on logger machine
dns2_syslog: location of dns syslog on logger machine
smtp_syslog: location of smtp syslog on logger machine
http_syslog: location of http syslog on logger machine
mysql_syslog: location of mysql syslog on logger machine
apache_errorlog: location of apache2 error log on logger machine
exim_mainlog: location of exim4 mainlog on logger machine
cron_log: location of cron log on logger machine

For example, my file could look like this:

dns1_syslog: /var/log/ns1/system.log
dns2_syslog: /var/log/ns2/system.log
smtp_syslog: /var/log/smtp/system.log
http_syslog: /var/log/http/system.log
mysql_syslog: /var/log/mysql/system.log
apache_errorlog: /var/log/http/error.log
exim_mainlog: /var/log/smtp/main.log
cron_log: /var/log/all_cron.log


Last Updated 01/23/2018