You want to test the configuration of your syslog server to ensure that the log messages are stored in their correct location.
The Bourne shell script in Example 18-2 will emulate syslog messages at various severity levels to ensure that your server routes them to the correct location. The script will emulate syslog messages to the local7 syslog facility by default, but the logging facility is completely configurable. No arguments are required or expected.
#!/bin/sh # # testlog.sh -- a script to test the syslog facility to ensure that # messages, at various levels, are being forwarded # to the correct file(s) # # Set Behavior FACILITY=local7 LOGGER="/usr/bin/logger" # $LOGGER -p $FACILITY.emerg "This meassage was sent to $FACILITY.emerg (0)" $LOGGER -p $FACILITY.alert "This meassage was sent to $FACILITY.alert (1)" $LOGGER -p $FACILITY.crit "This meassage was sent to $FACILITY.crit (2)" $LOGGER -p $FACILITY.err "This meassage was sent to $FACILITY.err (3)" $LOGGER -p $FACILITY.warning "This meassage was sent to $FACILITY.warning (4)" $LOGGER -p $FACILITY.notice "This meassage was sent to $FACILITY.notice (5)" $LOGGER -p $FACILITY.info "This meassage was sent to $FACILITY.info (6)" $LOGGER -p $FACILITY.debug "This meassage was sent to $FACILITY.debug (7)"
This script is designed to test the syslog server configuration to ensure that router log messages forward to the correct file(s). Basically, the script emulates router log messages at the various severity levels to verify how the syslog daemon handles them.
We use the Unix logger command to generate log messages and forward them to the syslog daemon. The server should route these log messages to same location as the router log messages. If the test log messages do not show up in the expected file or show up in undesirable locations, you should look for configuration problems in your syslog.conf file.
As noted, the script's default syslog facility is set to local7, but you can change this if necessary. For instance, if your routers are set to use local6 (as in Recipe 18.7), the variable FACILITY should be set to local6:
FACILITY=local6
If your syslog.conf file includes an entry to forward local7.info log messages to a file called /var/log/rtrlog (as in Recipe 18.6), the output from the script would look like this:
Freebsd# ./testsyslog.sh
Message from syslogd@localhost at Sun Mar 31 22:44:09 2002 ...
localhost This message was sent to local7.emerg (0)
Freebsd# tail /var/log/rtrlog
Mar 31 22:44:09 localhost This message was sent to local7.emerg (0)
Mar 31 22:44:09 localhost This message was sent to local7.alert (1)
Mar 31 22:44:09 localhost This message was sent to local7.crit (2)
Mar 31 22:44:09 localhost This message was sent to local7.err (3)
Mar 31 22:44:09 localhost This message was sent to local7.warning (4)
Mar 31 22:44:09 localhost This message was sent to local7.notice (5)
Mar 31 22:44:09 localhost This message was sent to local7.info (6)
Freebsd#
Note that one of the messages produced by the script was sent directly to the screen. This is because the test server's syslog.conf file forwards all emergency level syslog messages to all TTY terminals, which is a common configuration on Unix machines. Although this message will not cause any system problems, it can strike fear into other active users, so be aware.
The second part of the output shows the contents of the /var/log/rtrlog file. The output shows seven lines of progressively decreasing priority log messages but it does not display a severity 7 (debugging) message. This is because the syslog.conf configuration only included a line for local7.info. Because the info severity is higher than debug, this configuration command does not affect debug level messages.
Finally, with a minor modification to your syslog.conf file, you can utilize this script to test remote syslog servers:
local7.info @nms.oreilly.com
With this change, the syslog program will forward all local7 log messages to a remote syslog server called nms.oreilly.com. Note that the syntax of this line introduces the @ sign to signify that a server name follows. Running the script again would forward local7 log messages to the remote server, which would effectively emulate router log messages and test the server's syslog configuration. When testing is completed, make sure to remove or comment out the above configuration line. Otherwise, this machine will continue to forward incoming local7 log messages to the remote syslog server.
|
|
|
| Top |