Topic: Exporting SYSLOG(s) to Remote Server?

[bloxguy]

Is there anyway to export the syslogs from /var/logs/messages to an external SYSLOG server, ie: SPLUNK?
if so, how can I set this up?

Is there a chance this feature could also be added to the general configuration of the server?
it would be great to be able to monitor SME servers using SPLUNK.

[CharlieBrady]

Is there anyway to export the syslogs from /var/logs/messages to an external SYSLOG server, ie: SPLUNK?
if so, how can I set this up?

You need to do some reading of the documentation here. Search for "custom templates".

Is there a chance this feature could also be added to the general configuration of the server?

Again, please read some of the documentation here. You can ask for New Feature Requests via the bug tracker. But you need to be aware that there are many more feature requests than there are developers to implement them. If you want something, do it yourself, and then contribute it.

[Stefano]

You need to do some reading of the documentation here. Search for "custom templates".

or just search the wiki:

http://wiki.contribs.org/Syslog

[CharlieBrady]

or just search the wiki:

http://wiki.contribs.org/Syslog

Those deal with information flow in the other direction, i.e.. into SME server. OP wants syslog messages to flow out from SME server to another system.

OP needs "*.*   @a.b.c.d" entries in syslog.conf, via a custom template.

[Stefano]

doh, you're right..

I really need more coffee in the morning..

[bloxguy]

Thanks for the heads up, I'd already read all the documentation/wiki, which lead me to this forum.
Everything posted for SME with regards to SYSLOG is for setting up SME as a recipient server not a forwarder.

Instead of custom scripts, etc, I found that SPLUNK has created a "universal forwarder" RPM package that can be adapted to run on SME.
If there is somewhere on the site to post a HOWTO; I would be glad to share the information.
I currently have SME 8.x reporting to SPLUNK 6.1.x with no issues.

but again, as a "nice to have" it would be great to see this built into the product; and made configurable through the GUI.

[ReetP]

If there is somewhere on the site to post a HOWTO; I would be glad to share the information.

The Wiki is the place. You can get an account easily here :

http://wiki.contribs.org/Help:Contents

but again, as a "nice to have" it would be great to see this built into the product; and made configurable through the GUI.

Lots of things we'd all like to have but it is time and resources We have very little of either.

If you want to look at building this as a contrib then go to the bug tracker and you will get help.

Make sure you are on the mailing lists too :

http://lists.contribs.org/mailman/listinfo/

Please get involved - you have done half the work already !!

B. Rgds
John Crisp