HOME

manintheit.org

manintheit.org

Syslog Server Configuration

Basic Syslog Server Configuration In rsyslogd, different types of modules can be used:

  • Input modules: These are modules that have a name starting with im. Input
    modules are used to specify from where rsyslogd will receive messages.
  • Output modules: These are modules that have a name starting with om. By
    default, log messages are sent to the destinations as specified in /etc/rsyslog.
    conf. By using output modules, messages can be sent elsewhere, like to a database or to the journal.
  • Other module types: Different other module types exist, such as parser modules, message modification modules, and more. For more information download rsyslog-doc.
yum install rsyslog-doc

Minimal Configuration of Syslog Server 

#/etc/rsyslog.conf
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
# Where to place auxiliary files
$WorkDirectory /var/lib/rsyslog

$template DynFile, "/var/log/serverlogs/%$YEAR%/%$MONTH%/%HOSTNAME%.log"
*.* ?DynFile

# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf

Rsyslog can also send logs to the mysql database.  For this we need to import ommysql modules.

$ModLoad ommysql
*.* :ommysql:dbhost,dbname,dbuser,dbpassword

For more information about the rsyslog configuration, please visit gentoo.

Posted by:

admin

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.