Difference between revisions of "Rsyslog Server"

From The Linux Source
Jump to: navigation, search
Line 3: Line 3:
 
  # cp -p /etc/rsyslog.conf /etc/rsyslog.conf-original
 
  # cp -p /etc/rsyslog.conf /etc/rsyslog.conf-original
  
2. Update /etc/rsyslog.conf<br>
+
2. See generic [[Rsyslog]] page for other config options
2a. Make sure the following is enabled/uncommented
+
 
# Use traditional timestamp format
+
3. Update /etc/rsyslog.conf<br>
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
3a. Add the following line to end of ModLoad/MODULES section to enable the desired server mode
2b. Add the following line to end of ModLoad/MODULES section to enable the desired server mode
+
 
  UDP:
 
  UDP:
 
  # UDP server module
 
  # UDP server module
Line 18: Line 17:
 
  # enable TCP server and port
 
  # enable TCP server and port
 
  $InputTCPServerRun 514                                                           
 
  $InputTCPServerRun 514                                                           
2c. Add the following line to the beginning of the logging/RULES section (before #kern.* line);
+
3b. Add the following line to the beginning of the logging/RULES section (before #kern.* line);
 
  # log all to mySql
 
  # log all to mySql
 
  *.*      :ommysql:127.0.0.1,Syslog,syslog-insert,somepwA
 
  *.*      :ommysql:127.0.0.1,Syslog,syslog-insert,somepwA
  
3. Restart rsyslog service
+
4. Restart rsyslog service
 
  ENT 7
 
  ENT 7
 
  # systemctl start rsyslog
 
  # systemctl start rsyslog
 
  BEFORE Ent 7
 
  BEFORE Ent 7
 
  # service rsyslog restart
 
  # service rsyslog restart

Revision as of 15:47, 22 May 2017

1. Save original version of rsyslog.conf
Note: do not overwrite if rsyslog.conf-original already exists, it should already be there from the company image, so this step is normally skipped 

# cp -p /etc/rsyslog.conf /etc/rsyslog.conf-original

2. See generic Rsyslog page for other config options

3. Update /etc/rsyslog.conf
3a. Add the following line to end of ModLoad/MODULES section to enable the desired server mode 

UDP:
# UDP server module
$ModLoad imudp
# enable UDP server and port
$UDPServerRun 514
OR TCP:
# TCP server module
$ModLoad imtcp                                                                  
# enable TCP server and port
$InputTCPServerRun 514

3b. Add the following line to the beginning of the logging/RULES section (before #kern.* line); 

# log all to mySql
*.*       :ommysql:127.0.0.1,Syslog,syslog-insert,somepwA

4. Restart rsyslog service 

ENT 7
# systemctl start rsyslog
BEFORE Ent 7
# service rsyslog restart
Retrieved from "http://thelinuxsource.org/index.php?title=Rsyslog_Server&oldid=184"