Rsyslog: Difference between revisions

Rsyslog (view source)

48 bytes added , 1 year ago

4,400

edits

Revision as of 18:08, 15 July 2017 (view source) Amanjosan2008 (talk \| contribs) (→‎Syslog Client) ← Older edit		Latest revision as of 22:57, 3 February 2023 (view source) Amanjosan2008 (talk \| contribs) (→‎Syslog Client)
(4 intermediate revisions by the same user not shown)
Line 40: . @10.107.88.93:514 ~~# for exmaple, output logs for "auth,authpriv." to remote~~ In case you want only certain syslog alerts to be logged to remote server: Line 53 ⟶ 51: $ActionQueueType LinkedList $ActionResumeRetryCount -1 Separate logs for each Host, for each date, Configure like follows. ~~sudo nano /etc/rsyslog.d/50-default.conf~~ ~~$template Auth_log,"/var/log/auth.d/%fromhost%_%$year%%$month%%$day%.auth"~~ ~~auth,authpriv. -?Auth_log~~ Restart rsyslog service Line 70 ⟶ 60: logger -p local4.info "This is a info message from local 4" = Generate Syslog messages = Test UDP syslog messages on port 514 with the following command: echo "<14>Test UDP syslog message" >> /dev/udp/<target_hostname_or_ip_address>/514 *Test TCP syslog messages on port 514 with the following command: echo "<14>Test TCP syslog message" >> /dev/tcp/<target_hostname_or_ip_address>/514 <br />