In this tutorial , I teach you how to use Rsyslog to configure central-log server on CentOS 7 / RHEL 7.
Why we need logging ?
To find out what's happing on the system/find proper solation to a problem .
All commands should be run as root user.
1- Configure Server side
To install Rsyslog package , if you don't have it :
yum -y install rsyslog
configurations file for syslog is located on /etc/rsyslog.conf .
Use your favorite file editor to edit rsyslog.conf and uncomment follows lines :
Provides UDP syslog receptio
$ModLoad imudp
$UDPServerRun 514
Restart the rsyslog service once your changes have been saved.
systemctl restart rsyslog
Verifying syslog server listening on the port 514
netstat -antup | grep 514
Output should be like this :
udp 0 0 0.0.0.0:514 0.0.0.0:* 1467/rsyslog
udp6 0 0 :::514 :::* 1467/rsyslogdd
If you have firewall on host server ,you need to enable inbound port 514/UDP
Enabling firewall inbound port TCP
firewall-cmd --permanent --add-port=514/tc
firewall-cmd --reloadp
Enabling firewall inbound port UDP
firewall-cmd --permanent --add-port=514/ud
firewall-cmd --reloadp
2- Configure client side
Install rsyslog package on client , if it is not installed .
configure client by editing /etc/rsyslog.conf by Add the following logging rule below the "RULES" line and restart the rsyslog service.
*.info,@NameOfYourServer/IPAdressFQDN
Restart the rsyslog service once your changes have been saved.
Now all log messages of info priority or higher appear in /var/log/messages on Log-server.
Thank you for reading and have happy coding.
Top comments (0)