Rsyslog Server

From The Linux Source
Revision as of 13:41, 19 May 2017 by Support (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

1. Save original version of rsyslog.conf
Note: do not overwrite if rsyslog.conf-original already exists, it should already be there from the company image, so this step is normally skipped 

# cp -p /etc/rsyslog.conf /etc/rsyslog.conf-original

2. Update /etc/rsyslog.conf
Make sure the following is enabled/uncommented; 

# Use traditional timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

Add the following line to end of ModLoad/MODULES section; 

# UDP server module
$ModLoad imudp
# enable UDP server and port
$UDPServerRun 514

Add the following line to the beginning of the logging/RULES section (before #kern.* line); 

# log all to mySql
*.*       :ommysql:127.0.0.1,Syslog,syslog-insert,somepwA

3. Restart rsyslog service 

ENT 7
# systemctl start rsyslog
BEFORE Ent 7
# service rsyslog restart
Retrieved from "http://thelinuxsource.org/index.php?title=Rsyslog_Server&oldid=158"