Install RSYSLOG
|
[root@server ~]# yum -y install rsyslog
|
|
|
Configure RSYSLOG
Edit /etc/rsyslog.conf
|
[root@server ~]# vi /etc/rsyslog.conf
|
Uncomment below lines
|
# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
|
|
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
|
Restart the syslog service
|
[root@server ~]# systemctl restart rsyslog.service
|
Verify the syslog server listening
|
[root@server ~]# netstat -antup | grep 514
tcp
0 0
0.0.0.0:514
0.0.0.0:*
LISTEN
759/rsyslogd
tcp6
0 0 :::514 :::* LISTEN
759/rsyslogd
udp
0 0
0.0.0.0:514
0.0.0.0:*
759/rsyslogd
udp6
0 0 :::514 :::*
759/rsyslogd
|
Client setup:
- Log
into syslog server
- Use
an editor to get into the rsyslog config file : vi /etc/rsyslog.conf
(use i to edit) toward the end of the file add the required
devices:
:fromhost-ip,isequal,"192.168.0.1"
/var/log/devicehostname.log
& ~
- Exit
from the file (press Esc and say :wq to save/:q! to quit without
saving)
- Now
restart the rsyslog Daemon : service rsyslog restart
