

Steps to configure a Syslog server in Interix / SUA

The following steps will help you configure syslog on Windows using Interix or SUA.

1) By default, syslog services are disabled. Syslog is vulnerable to exploits, so these services are not enabled. For troubleshooting, however, you can start the syslog services and disable them again as soon as you finish troubleshooting.
2) Log in to the Windows machine as a local administrator.
3) Launch Korn or C Shell.
4) We need to edit the file /etc/init.d/syslog.
5) Uncomment the following two lines from /etc/init.d/syslog.  You can do this by removing the pound “#” character from the beginning of these lines:

                   ${SYSLOGD}

                   [ $? = 0 ] && echo "syslogd started"

You can use vi for this.

 

6) Save and exit from the file using :wq
7) Start the syslog services using the command:
/etc/init.d/syslog start

 

8) Once started, you will get the following message on your screen:
syslogd started

 

9) You can also check the services using the following command:
% ps -AX unix | grep syslog
  2013 -    0:00.00 syslogd

10) To stop the service, run /etc/init.d/syslog stop

 

11) Once the syslog daemon is started, it stores all its entries in /var/adm/log/messages.
12) You can refer to this file for troubleshooting.
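
The edit in step 5 and the clean-up that step 1 calls for can be scripted so that the two lines are commented out again once troubleshooting ends. The following is an added example, not part of the original post; the function names and the sample init script (including its SYSLOGD path) are assumptions made for illustration.

```shell
# Added example: toggle the two start lines in an Interix/SUA-style init script.
# Function names and the sample file below are illustrative assumptions.

START_RE='\${SYSLOGD}[[:space:]]*'
ECHO_RE='\[ \$? = 0 ] && echo "syslogd started".*'

# rewrite_in_place FILE SED_ARGS...: apply sed, keeping FILE's mode and owner.
rewrite_in_place() {
    f=$1; shift
    sed "$@" "$f" > "$f.new" || { rm -f "$f.new"; return 1; }
    cat "$f.new" > "$f" && rm -f "$f.new"
}

# Step 5: remove the leading "#" from exactly the two start lines.
enable_syslog_lines() {
    rewrite_in_place "$1" \
        -e "s/^#\([[:space:]]*${START_RE}\)\$/\1/" \
        -e "s/^#\([[:space:]]*${ECHO_RE}\)\$/\1/"
}

# After troubleshooting: put the "#" back so syslogd is not started again.
disable_syslog_lines() {
    rewrite_in_place "$1" \
        -e "s/^\([[:space:]]*${START_RE}\)\$/#\1/" \
        -e "s/^\([[:space:]]*${ECHO_RE}\)\$/#\1/"
}

# Succeeds only when both lines are active (uncommented).
syslog_lines_enabled() {
    grep -q "^[[:space:]]*${START_RE}\$" "$1" &&
    grep -q "^[[:space:]]*${ECHO_RE}\$" "$1"
}

# Constructed sample for trying the functions; not the real /etc/init.d/syslog.
make_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
# constructed sample init script
SYSLOGD=/usr/sbin/syslogd
case "$1" in
start)
#    ${SYSLOGD}
#    [ $? = 0 ] && echo "syslogd started"
    ;;
esac
EOF
}
```

On the real system, run `enable_syslog_lines /etc/init.d/syslog` before step 7 and `disable_syslog_lines /etc/init.d/syslog` after step 10.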