Revision as of 06:36, 11 February 2015

<yambe:breadcrumb self="Installing from source">Rsyslog configuration</yambe:breadcrumb>

Installing rsyslog server in CentOS

To install rsyslog use following steps:

Edit '/etc/rsyslog.conf' file as follows:

Append following lines

$template TmplAuth, "/var/log/%HOSTNAME%/%PROGRAMNAME%.log"

authpriv.*      ?TmplAuth
*.info,mail.none,authpriv.none,cron.none   ?TmplMsg

After configuring rsyslog server, configure remote machines to send logs to rsyslog server using:

Install rsyslog same as in case of server
Edit '/etc/rsyslog.conf' file and append following configuration:
```
*.* @<server>:<port>
```
service rsyslog start
chkconfig rsyslog on

Steps learned from http://tecadmin.net/setup-centralized-logging-server-using-rsyslogd/ and contributed by Kiran Kollipara <yambe:breadcrumb self="Installing from source">Rsyslog configuration</yambe:breadcrumb>

@@ Line 11: / Line 11: @@
 ##Append following lines
 ##:<pre>
-##::$template TmplAuth, "/var/log/%HOSTNAME%/%PROGRAMNAME%.log"
+##:: $template TmplAuth, "/var/log/%HOSTNAME%/%PROGRAMNAME%.log"
 ##::
-##::authpriv.*      ?TmplAuth
+##:: authpriv.*      ?TmplAuth
-##::*.info,mail.none,authpriv.none,cron.none   ?TmplMsg
+##:: *.info,mail.none,authpriv.none,cron.none   ?TmplMsg
 ##::</pre>
 ##Uncomment following lines:
 ##:<pre>
-##::$ModLoad imudp
+##:: $ModLoad imudp
-##::$UDPServerRun 514
+##:: $UDPServerRun 514
 ##:</pre>
 #<tt>service rsyslog start</tt>