Rsyslog: Difference between revisions
Content added Content deleted
(Created page with "Setting up Syslog Server in Ubuntu: Rsyslog will be installed by default in Latest Ubuntu server: Edit the Rsyslog config file sudo nano /etc/rsyslog.conf # provides UDP...") |
No edit summary |
||
| Line 25: | Line 25: | ||
sudo nano /etc/rsyslog.d/50-default.conf |
sudo nano /etc/rsyslog.d/50-default.conf |
||
Add the following line at the top of the file before the log by facility section, |
Add the following line at the top of the file before the '''log by facility''' section, : |
||
/etc/rsyslog.d/50-default.conf |
/etc/rsyslog.d/50-default.conf |
||
*.* @ |
*.* @10.107.88.93:514 |
||
sudo service rsyslog restart |
sudo service rsyslog restart |
||
Verification: |
|||
Logger |
|||
logger -p local4.info " This is a info message from local 4" |
|||
Revision as of 17:51, 15 July 2017
Setting up Syslog Server in Ubuntu:
Rsyslog will be installed by default in Latest Ubuntu server:
Edit the Rsyslog config file
sudo nano /etc/rsyslog.conf
# provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
# provides TCP syslog reception $ModLoad imtcp $InputTCPServerRun 514
sudo service rsyslog restart
netstat -an | grep 514
To validate your rsyslog configuration file:
sudo rsyslogd -N1
On the Client Machine:
sudo nano /etc/rsyslog.d/50-default.conf
Add the following line at the top of the file before the log by facility section, :
/etc/rsyslog.d/50-default.conf
*.* @10.107.88.93:514
sudo service rsyslog restart
Verification:
logger -p local4.info " This is a info message from local 4"