HOWTO: remote logging with syslog-ng

I wrote this up for my own use, and I thought I would share it here. This is for syslog-ng, the configuration is very different for syslogd. syslog-ng comes default on Arch Linux, I'm not sure what other distros it comes on stock.

To log to syslog-ng with Rails and lighttpd:

First, install the analyzer tools to get the SyslogLogger class:   gem install rails_analyzer_tools

Then, add to your environment.rb:   require 'analyzer_tools/syslog_logger'

Then in the config section(or in enviroments/production.rb):   config.logger = SyslogLogger.new   #config.log_level = :warn -- this doen't apply when using syslog.   # You have to filter the level in your syslog config.

Add to /etc/syslog-ng.conf on the system to log FROM:   destination remote { udp("[machine to log to]" port(5140)); };   filter f_rails { program(rails) and level(warn..emerg); };   log { source(src); filter(f_rails); destination(remote); };   filter f_lighttpd { program(lighttpd); };   log { source(src); filter(f_lighttpd); destination(remote); };

Add to /etc/syslog-ng.conf on the system to log TO: These can be all together for simplicity's sake instead of separated out like the other entries. Note that the IP here is this machine's IP, the same IP as used in the client machine's configuration.   source r_src { udp(ip("[local machine's IP]") port(5140)); };   destination rails { file("/var/log/rails.log"); };   destination lighttpd { file("/var/log/lighttpd.log"); };   log { source(r_src); filter(f_rails); destination(rails); };   log { source(r_src); filter(f_lighttpd); destination(lighttpd); };   filter f_rails { program(rails); };   filter f_lighttpd { program(lighttpd); }; Restart syslog-ng and you're done!

Hope this can help someone as I found documentation on this sparse out on the interweb.

-Jason