Syslogging from Redhat to Windows – the setup

The requirement here is to send syslog information from a Redhat Linux Enterprise 4 server to a Windows network, where alerts can be recorded and additional actions such as email alerts generated.

The first stage is to identify the host that will receive the syslog messages and install the Kiwi Syslog application on it. Follow the prompts, and install the software as a service if it is going to be running permanently. Once installed, start it up by clicking the icon on the taskbar, and you will be presented with a screen like this



At this point you don't have any more to do on the Windows side.

The remote end is where you will configure syslog to send the appropriate messages to the Windows machine. The first thing you need to do is log on to the Redhat system with appropriate security privilege to edit the /etc/syslog.conf file.

An example one is shown here …



The change needed is to add a line giving the range of messages and the address to which they should be sent. With the Kiwi software listening on port 514 on a machine with address of the line

*.info;mail.none;news.none;authpriv.none;cron.none @

which mimics the current syslog settings to a file on the Unix server – followed by a restart of the syslog daemon on the Unix server with

killall -HUP syslogd

will result in the following output on the Windows machine – once the Linux server has had something worth logging…
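What that selector does and does not send to the Windows machine is worth checking before relying on it for alerts. The following is an added example, not part of the original post: a simplified model of sysklogd selector matching (an assumption; the `!` prefix is not handled), run over constructed sample events.

```python
# Added example: simplified model of sysklogd selector matching.
# Handles '*', comma-separated facilities, 'none', '=prio' and plain
# priorities ("this level and more severe"); the '!' prefix is not handled.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Selector from the forwarding line in /etc/syslog.conf discussed above.
SELECTOR = "*.info;mail.none;news.none;authpriv.none;cron.none"

# Constructed sample events: (facility, severity, message).
EVENTS = [
    ("authpriv", "info", "sshd[2211]: Failed password for root from 192.0.2.10"),
    ("authpriv", "notice", "sudo: alice : TTY=pts/0 ; COMMAND=/bin/su"),
    ("daemon", "info", "ntpd[801]: synchronized to 192.0.2.1"),
    ("kern", "warning", "kernel: eth0: link down"),
    ("kern", "debug", "kernel: debug trace"),
    ("cron", "info", "crond[1500]: (root) CMD (run-parts /etc/cron.hourly)"),
    ("mail", "err", "sendmail[900]: queue error"),
]


def is_forwarded(selector, facility, severity):
    """Return True if facility.severity is selected by the selector."""
    selected = set()  # severities currently selected for this facility
    for entry in selector.split(";"):
        facilities, _, priority = entry.strip().partition(".")
        if facilities != "*" and facility not in facilities.split(","):
            continue
        if priority == "none":
            selected.clear()
        elif priority == "*":
            selected.update(SEVERITIES)
        elif priority.startswith("="):
            selected.add(priority[1:])
        else:
            # A plain priority selects that level and everything more severe.
            selected.update(SEVERITIES[: SEVERITIES.index(priority) + 1])
    return severity in selected


def dropped_events(selector, events):
    """Return the events that would never reach the remote collector."""
    return [e for e in events if not is_forwarded(selector, e[0], e[1])]


if __name__ == "__main__":
    for facility, severity, message in dropped_events(SELECTOR, EVENTS):
        print(f"not forwarded: {facility}.{severity}: {message}")
```

Because of `authpriv.none`, the login and sudo messages in the sample never leave the server, so any Kiwi alert on authentication failures needs a separate selector that forwards that facility.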



Where do you go from here?

Well, the Kiwi syslogger provides a range of actions –

– you can redirect different classes of messages to separate panes to give a better picture of what's happening.

– you can set up email alerts for other problems that require immediate attention

– you can filter incoming messages based on the host that generates them

and lots more – so take a look at the setup options it provides.