[osiris] Setting up syslog
Gary Doran
GDoran at IntegrityPaymentSystems.com
Fri Nov 2 14:10:58 EDT 2007
Then what is the syslog facility config for? syslog facility: this is the
facility that the management console will use for all logs. Logs include
everything from the status of the management daemon, to communication with
agents, and scan comparison logs.
I am running Windows email, Osiris on Windows server, monitoring a Windows
server.
[ management config (localhost) ]
syslog_facility = DAEMON
control_port = 2266
http_port = 2267
http_host =
notify_email =
notify_smtp_host = 127.0.0.1
notify_smtp_port = 25
hosts_directory =
allow = 127.0.0.1
Is this correct (y/n)? y
>>> management host configuration has been saved.
osiris-4.0.5-release:
-----Original Message-----
From: osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com
[mailto:osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com]
On Behalf Of Anthony J. Biacco
Sent: Friday, November 02, 2007 12:42 PM
To: 'Osiris Users'
Subject: Re: [osiris] Setting up syslog
I'm not aware of osiris being able to send the changelogs to
syslog/event_log. I've only seen the notification-of-scanning messages
in such places.
Off the top of my head, I would say if you really needed it, you could send
the changelogs to an email address that's an alias. Then
point the alias to a script which pipes the email message into syslog (very
easy if you use a unix email server and have the
'logger' util installed)
The script could be as simple as:
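#!/bin/sh
# Read the piped e-mail line by line and hand each line to syslog.
# IFS= and -r keep leading whitespace and backslashes intact.
while IFS= read -r MYLINE
do
    # Quote the variable so the shell does not word-split or glob-expand it.
    printf '%s\n' "$MYLINE" | /usr/bin/logger
done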
-Tony
--
Anthony J. Biacco
Senior Systems and Network Administrator
303-981-4955
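
A fuller version of the mail-alias-to-syslog filter suggested above, as an added example that is not part of the original thread or of Osiris: it skips the mail headers, strips control characters from each body line so a logged file name cannot corrupt or forge a record, and tags every record so the syslog server can filter on it. The tag `osiris`, the priority `daemon.notice`, the function names and the `forward`/`demo` arguments are assumptions.

```shell
#!/bin/sh
# Added example: mail-alias filter that forwards a notification e-mail to syslog.
# TAG and PRIORITY are assumed values; match them to your syslog server's filters.
TAG="osiris"
PRIORITY="daemon.notice"
MAXLEN=800   # keep each record well under the classic 1024-byte syslog limit

# Read one e-mail on stdin and print its body as clean one-line records.
mail_body_to_records() {
    in_body=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Headers end at the first empty line (possibly a bare CR).
        if [ "$in_body" -eq 0 ]; then
            case "$line" in
                ''|"$(printf '\r')") in_body=1 ;;
            esac
            continue
        fi
        # Delete control characters (CR, ESC, ...) and turn tabs into spaces.
        clean=$(printf '%s' "$line" | tr -d '\001-\010\013-\037\177' | tr '\t' ' ')
        [ -n "$clean" ] || continue
        printf '%s\n' "$clean" | cut -c "1-$MAXLEN"
    done
}

# Send each record to the local syslog daemon with a fixed tag and priority.
forward_to_syslog() {
    mail_body_to_records | while IFS= read -r rec; do
        # "--" stops logger from reading a record that starts with "-" as an option.
        logger -t "$TAG" -p "$PRIORITY" -- "$rec"
    done
}

# The mail alias would pipe the message to this script with the argument "forward".
if [ "${1:-}" = "forward" ]; then
    forward_to_syslog
fi

# Dry run on a constructed message (not real Osiris output): argument "demo".
if [ "${1:-}" = "demo" ]; then
    printf 'Subject: test\n\nfile changed: /tmp/a\033[2J\r\n' | mail_body_to_records
fi
```
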
-----Original Message-----
From: osiris-bounces+thelittleprince=asteroid-b612.org at lists.shmoo.com
[mailto:osiris-bounces+thelittleprince=asteroid-b612.org at lists.shmoo.com] On
Behalf Of Gary Doran
Sent: Friday, November 02, 2007 10:20 AM
To: 'Osiris Users'
Subject: Re: [osiris] Setting up syslog
I could use that, but nothing is being sent to the Windows Event log. Does
Brian not respond back to questions anymore, sent email but the email
bounced?
-----Original Message-----
From: osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com
[mailto:osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com]
On Behalf Of Hari Sekhon
Sent: Friday, November 02, 2007 11:03 AM
To: Osiris Users
Subject: Re: [osiris] Setting up syslog
I'm not sure about your implementation, but mine is running on linux so
my syslog is done by my standard logging.
I have not seen anything in the Osiris handbook about doing what you
want (but then the logging section is fairly small).
Try ntsyslog.
-h
Hari Sekhon
Gary Doran wrote:
> Then am I missing something? I thought that Osiris is supposed to be able
> to send change logs via syslog to a syslog server. Email notification is
> working fine but I need to be able to send changes to syslog server (along
> with other things) to comply with PCI requirements.
>
> -----Original Message-----
> From: osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com
> [mailto:osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com]
> On Behalf Of Hari Sekhon
> Sent: Friday, November 02, 2007 10:41 AM
> To: Osiris Users
> Subject: Re: [osiris] Setting up syslog
>
> I don't think so, try to get a windows event log -> syslog implementation.
>
> I've tried snare but found I preferred ntsyslog. More configurable and
> easily deployable.
>
> According to the handbook, the syslog_facility is to decide against
> which facility the logs should be recorded, so not exactly what you
> want...
>
> -h
>
> Hari Sekhon
>
>
>
> Gary Doran wrote:
>
>> I am running a Windows implementation. Should the syslog_facility be set to
>> ip address of where I want the syslog to be sent?
>>
>> -----Original Message-----
>> From: osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com
>> [mailto:osiris-bounces+gdoran=integritypaymentsystems.com at lists.shmoo.com]
>> On Behalf Of Hari Sekhon
>> Sent: Friday, November 02, 2007 10:20 AM
>> To: Osiris Users
>> Subject: Re: [osiris] Setting up syslog
>>
>> This is not the job of Osiris but of your logging implementation.
>>
>> Tell your syslog daemon on the management station to log to the GFI via
>> syslog, see the man page for your syslog.conf or equiv (I prefer
>> syslog-ng).
>>
>> If you only want osiris stuff sent to GFI, use syslog-ng and filters.
>>
>> -h
>>
>> Hari Sekhon
>>
>>
>>
>> Gary Doran wrote:
>>
>>
>>> I need to set up Osiris to send all logging to GFI EventManager via
>>> syslog. GFI is listening on port 514 which is the standard port. It is on
>>> the same computer as the Osiris Manager. Don't know if that makes any
>>> difference or not. Is there a way I can force a syslog message from
>>> Osiris to test things out?
>>>
>>> Gary
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> osiris mailing list
>>> osiris at lists.shmoo.com
>>> https://lists.shmoo.com/mailman/listinfo/osiris