I have several machines at home. Some of them have Windows installed and some of them are happily running Linux (Ubuntu or BackTrack). I'd like to stay control of these machines. I'd like to have the logging of these machine at one place. That's where syslog comes in :-)

Since if have Windows 2008 r2 running in my network, I'd suggest Kiwi Syslog Server. It's installatie is very very easy. Just accept the defaults and it is running in no time.

For the Windowsclients you can install the free Correlog client : http://cnet.co/qekJ4D. Watch out you do not install the Babylon garbage...

On the Linux client you can install de syslog-ng client.
In Linux execute
apt-get install syslog-ng
If you'd like to setup the logging to the Kiwi Syslog Server, just edit the file /etc/syslog-ng/syslog-ng.conf as follows:

Search for d_net.
The line says something like this:

destination d_net { udp("192.168.1.20"); };
The 192.168.1.20 is my syslog server.

And change the following line:
#log { source(s_src); destination(d_net); };
Remove the #.
Reboot your Linux machine and check if syslog-ng is running properly:
ps -ef | grep syslog-ng
It ouputs a couple of lines, but if one them resembles to the following:
/usr/sbin/syslog-ng -p /var/run/syslog-ng.pid
Hooray! it is running. You can check the Kiwi Server if it is logging anything.
Advertisements