Setup SysLog Server on CentOS 7

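For testing I needed a syslog server. Searching for free software on Windows turned up KIWI Syslog Server, but it requires registration and then a two-day wait for approval, so I decided not to bother with it and to install one on Linux instead, where it is also easy to filter and read the logs.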

Install
[root@xuxing ~]# yum install rsyslog
Configure
[root@xuxing ~]# vi /etc/rsyslog.conf

$ModLoad imudp
$UDPServerRun 514

[root@xuxing ~]# systemctl restart rsyslog
[root@xuxing ~]# systemctl enable rsyslog
[root@xuxing ~]# firewall-cmd --permanent --add-port=514/udp
[root@xuxing ~]# firewall-cmd --reload
[root@xuxing ~]# netstat -antup | grep 514
udp        0      0 0.0.0.0:514             0.0.0.0:*                           623/rsyslogd        
udp6       0      0 :::514                  :::*                                623/rsyslogd 

//check syslog file 
[root@xuxing ~]# tail -f -n 1 /var/log/messages
Nov  8 14:38:57 9006j UTC:  13132: LC/0/3/CPU0:Nov  8 14:38:57.197 UTC: fib_mgr[192]: %ROUTING-FIB-3-PLATF_UPD_FAIL : FIB platform update failed: Obj=DATA_TYPE_LABEL_INFO[ptr
Configuration
$template TMP,"%timegenerated% %FROMHOST% %msg%\n"
local7.*  /var/log/syslog;TMP

if $fromhost-ip == 'xxx.xxx.xxx.xxx' or $fromhost-ip == 'xxx.xxx.xxx.xxx' then /home/log/archive.log;templateName
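
To confirm that the UDP listener on port 514 and the local7.* rule above actually work, a test datagram can be sent to the server. The script below is an added example, not part of the original post; the tag syslogtest, the message text and the target address 127.0.0.1 are assumptions.

```python
import socket
import time

# Facility/severity numbers from RFC 3164; local7 matches the "local7.*" rule above.
FACILITIES = {"local0": 16, "local1": 17, "local2": 18, "local3": 19,
              "local4": 20, "local5": 21, "local6": 22, "local7": 23}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}


def build_message(facility, severity, tag, text, hostname=None, now=None):
    """Return an RFC 3164 datagram: <PRI>Mmm dd hh:mm:ss host tag: text"""
    pri = FACILITIES[facility] * 8 + SEVERITIES[severity]
    t = time.localtime(now)
    # RFC 3164 pads a single-digit day with a space, not a zero.
    stamp = "%s %2d %s" % (time.strftime("%b", t), t.tm_mday,
                           time.strftime("%H:%M:%S", t))
    host = hostname or socket.gethostname()
    line = "<%d>%s %s %s: %s" % (pri, stamp, host, tag, text)
    return line.encode("ascii", "replace")


def send_test(server, port=514, facility="local7", severity="info",
              tag="syslogtest", text="test message"):
    """Send one datagram to the rsyslog UDP listener and return the bytes sent."""
    data = build_message(facility, severity, tag, text)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(data, (server, port))
    return data


if __name__ == "__main__":
    # 127.0.0.1 is an assumption: run this on the server itself,
    # or replace it with the server's address to test through the firewall.
    print(send_test("127.0.0.1").decode())
```

If the local7.* rule above is loaded, the message shows up in /var/log/syslog in the TMP template format.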
