rsyslog_central_loghost
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
rsyslog_central_loghost [2014/06/24 17:52] – [rsyslog - central loghost] admin | rsyslog_central_loghost [2014/06/24 18:34] – [rsyslog - central loghost] admin | ||
---|---|---|---|
Line 6: | Line 6: | ||
-A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT</ | -A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT</ | ||
* Reload iptables. < | * Reload iptables. < | ||
+ | * Configure SELinux to allow remote logging over tcp. < | ||
* Create rsyslog config **/ | * Create rsyslog config **/ | ||
$ModLoad imudp | $ModLoad imudp | ||
Line 12: | Line 13: | ||
# Provides TCP syslog reception | # Provides TCP syslog reception | ||
$ModLoad imtcp | $ModLoad imtcp | ||
- | $InputTCPServerRun 514</ | + | $InputTCPServerRun 514 |
+ | |||
+ | # Do not store loghost logs in remote directory | ||
+ | :hostname, !isequal, " | ||
+ | |||
+ | $template FILE. "/ | ||
+ | *.* ?FILE | ||
+ | </ | ||
* Restart rsyslog service. < | * Restart rsyslog service. < | ||
* | * |
rsyslog_central_loghost.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1