Jails: Send syslog messages from within the jail to the host

In jail:
socat UNIX-RECV:/var/run/log UDP-SENDTO:10.1.1.181:9999
On host:
socat UNIX-SENDTO:/var/run/log UDP-RECV:9999

10.1.1.181 is the host address reachable from the jail.
Do not run syslog in the jail; socat will provide the socket.

Alternatively, you can edit syslog.conf in the jail and log to @host_ip, and allow the peer on the host syslog:
syslogd_flags="-a jailip"

You can probably use a unix socket for data transfer instead of UDP and only run socat on the host.
On host:
socat UNIX-SENDTO:/var/run/log UNIX-RECV:/usr/local/jails/somejail/var/run/log
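
Added example, not part of the thread: a Python stand-in for the host-side relay "socat UNIX-SENDTO:/var/run/log UDP-RECV:9999" that forwards only datagrams from an allowed peer, the same restriction the syslogd -a flag applies in the alternative above. The jail address 10.1.1.50 and the size limit are constructed assumptions; the port, host address and socket path are the ones used in the post.

```python
import ipaddress
import re
import socket

# Constructed sample value: the jail's address is not given in the thread.
ALLOWED_PEERS = [ipaddress.ip_network("10.1.1.50/32")]
LISTEN_IP = "10.1.1.181"           # host address from the thread
LISTEN_PORT = 9999                 # port from the thread
HOST_LOG_SOCKET = "/var/run/log"   # host syslogd socket from the thread
MAX_LEN = 2048                     # assumed cap; larger datagrams are dropped

PRI_RE = re.compile(rb"^<(\d{1,3})>")


def parse_pri(datagram):
    """Return (facility, severity) from the leading <PRI>, or None if invalid."""
    m = PRI_RE.match(datagram)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # facility 23, severity 7 is the largest valid value
        return None
    return pri >> 3, pri & 7


def accept(src_ip, datagram, allowed=ALLOWED_PEERS):
    """Decide whether a datagram may be written to the host log socket."""
    addr = ipaddress.ip_address(src_ip)
    if not any(addr in net for net in allowed):
        return False               # not the jail: UDP gives no other identity
    if len(datagram) > MAX_LEN:
        return False
    return parse_pri(datagram) is not None


def relay(listen_ip=LISTEN_IP):
    """Receive UDP on the host and hand accepted messages to syslogd."""
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind((listen_ip, LISTEN_PORT))   # bind one address, not 0.0.0.0
    out = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    while True:
        data, (src_ip, _port) = udp.recvfrom(65535)
        if accept(src_ip, data):
            out.sendto(data, HOST_LOG_SOCKET)


if __name__ == "__main__":
    relay()
```

The source-address check only narrows who can write to the host log; UDP source addresses can be spoofed on a shared segment, so it does not authenticate the jail.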
 
If the host and the jail have their own IP addresses, syslogd can listen on the same port. However, if they are sharing one IP address, you will need to use two different ports. My suggestion is to have syslogd listen to 192.168.1.2:514 on the host with the jail shipping its messages to that address in the jail.

/etc/syslog.conf
Code:
# Submit all facilities and priorities to loghost.
*.* @192.168.1.2:514
 