Logging

 Local Logging:-

 • Log messages provides regular basis of the events that are happening on the system 

• Standard UNIX logging using syslog-ng 

• Local Syslog files stores in /var/log/ directory

 • Uses facility levels to describe system/module messages

 Remote Logging :-

• Send messages to external tool sch as Syslog Server, Splunk or ArcSight 

• Syslog – Legacy remote logging listening to UDP 514 

• High Speed Logging (HSL) – publish log messages to destination using filtering criteria 

Configuration:-

 • System ► Logging 

• Local and remote config file is /etc/syslog-ng/syslog-ng.conf