Rsyslog Server

From The Linux Source
Revision as of 15:51, 22 May 2017 by Support (Talk | contribs)

Jump to: navigation, search

PARENT PAGE LINK: Syslog


1. Save original version of rsyslog.conf
Note: do not overwrite if rsyslog.conf-original already exists, it should already be there from the company image, so this step is normally skipped

# cp -p /etc/rsyslog.conf /etc/rsyslog.conf-original

2. See generic Rsyslog page for other config options

3. Update /etc/rsyslog.conf
3a. Add the following line to end of ModLoad/MODULES section to enable the desired server mode

UDP:
# UDP server module
$ModLoad imudp
# enable UDP server and port
$UDPServerRun 514
OR TCP:
# TCP server module
$ModLoad imtcp                                                                  
# enable TCP server and port
$InputTCPServerRun 514                                                          

3b. Add the following line to the beginning of the logging/RULES section (before #kern.* line);

# log all to mySql
*.*       :ommysql:127.0.0.1,Syslog,syslog-insert,somepwA

4. Restart rsyslog service

ENT 7
# systemctl start rsyslog
BEFORE Ent 7
# service rsyslog restart