No... the syslogd service is awaiting messages sent to IT on port 514, not it going out and reading files.
You can take the contents of that file and send it to syslog via the logger program
So, when you say "to the syslog server". Where is the syslog server? Local on the system? Or on a remote system?
The format you have specified (@IPADDRESS) is used to send to a remote system's port 514
The format to log locally can be found in the /etc/syslog.conf config file..
The facility and priority are defined in column 1
So in syslog.conf, you could set
local0.* /var/log/somefilenametosaveto rotate size 1m files 4. # whatever other options you want etc
Then restart syslogd:
ps -fu root | grep syslogd
sudo kill -1 #### #### is the pid of syslogd
Then, in example below I use
local0.info. but use whatever facility/priority is appropriate.
logger -p
local0.info -f /app/t24adm/T24/filenameblahblah
Now, if this is a running log.. you'll get what's in the file as is, not what gets appended to it later.
If you need the app to log to syslog, check the docs for a syslog option, looking for facility and priority.
If it doesn't support that, then you'll have to rotate your logs and use logger against the last file created
OR.... Kludge it with a while loop using the message parm to the logger program..
But, if you're logging it locally, why go through syslog? Just make a copy of the logs
If you're going to something like qradar, or some app that monitors your logs, then you'll need the @IP address option pointing to the qradar server..
Original Message:
Sent: 5/1/2024 8:00:00 AM
From: Pasindu Malintha
Subject: AIX Syslog Forwading
Hi Team,
We are having a requirement to forward the log file in "/app/t24adm/T24/logs/tsa1/SystemOut.log" path to syslog server. Therefore can perform this task by adding the below entry to the /etc/syslog.conf file ?
"*" /app/t24adm/T24/logs/tsa1/SystemOut.log @<IP address of syslog server>
AIX version - 7.2 TL5 U3
Please advise.
------------------------------
Pasindu Malintha
------------------------------