About: it’s a log management tool

Step1. Install the package

yum install rsyslog

Step2. Configuration file location

cat /etc/rsyslog.conf

Step3. Uncomment the following to make your server to listen on the udp and tcp ports

$MODLOAD IMUDP
$UDPSERVERRUN 514
$MODLOAD IMTCP
$INPUTTCPSERVERRUN 514

Step4. Allow the 514 port on firewall

firewall-cmd –permanent –add-port=514/udp
firewall-cmd –permanent –add-port=514/tcp

Step5. Reload the firewall service

firewall-cmd –reload

Step6. Enable/start the service

systemctl enable rsyslog
systemctl start rsyslog
systemctl status rsyslog

Step7. Check the logs

tail -10 /var/log/messages

——————Client configuration————————–

Step1. Install the package

yum install rsyslog

Step2. Configuration file

vi /etc/rsyslog.conf

Note: Add and modify the following lines

Under –RULES– directive section, add the following line *.* @192.168.33.53/24 mail.* @192.168.33.53/24 –For all logs add line *.* @192.168.33.53/24

Step3. Enable/start the service

systemctl enable rsyslog
systemctl start rsyslog
systemctl status rsyslog

Note: Similarly, you can configure as many as clients you want. to monitor the logs

LEAVE A REPLY

Please enter your comment!
Please enter your name here