rsyslog_central_loghost
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
rsyslog_central_loghost [2014/06/24 17:52] – [rsyslog - central loghost] admin | rsyslog_central_loghost [2014/06/24 19:14] – [rsyslog - central loghost] admin | ||
---|---|---|---|
Line 6: | Line 6: | ||
-A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT</ | -A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT</ | ||
* Reload iptables. < | * Reload iptables. < | ||
- | * Create rsyslog config **/ | + | |
+ | | ||
+ | * **/ | ||
+ | $IncludeConfig / | ||
+ | | ||
+ | $ModLoad imklog | ||
+ | #$ModLoad immark | ||
+ | |||
+ | # Provides UDP syslog reception | ||
$ModLoad imudp | $ModLoad imudp | ||
$UDPServerRun 514 | $UDPServerRun 514 | ||
Line 12: | Line 20: | ||
# Provides TCP syslog reception | # Provides TCP syslog reception | ||
$ModLoad imtcp | $ModLoad imtcp | ||
- | $InputTCPServerRun 514</ | + | $InputTCPServerRun 514 |
+ | |||
+ | #### GLOBAL DIRECTIVES #### | ||
+ | |||
+ | # Use default timestamp format | ||
+ | $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | ||
+ | |||
+ | # File syncing capability is disabled by default. This feature is usually not required, | ||
+ | # not useful and an extreme performance hit | ||
+ | # | ||
+ | * / | ||
+ | $template FILENAME,"/ | ||
+ | |||
+ | # Log all messages not from localhost to the dynamically formed file. | ||
+ | : | ||
+ | & ~</ | ||
+ | * / | ||
+ | |||
+ | # Log all kernel messages to the console. | ||
+ | # Logging much else clutters up the screen. | ||
+ | # | ||
+ | |||
+ | # Log anything (except mail) of level info or higher. | ||
+ | # Don't log private authentication messages! | ||
+ | *.info; | ||
+ | |||
+ | # The authpriv file has restricted access. | ||
+ | authpriv.* | ||
+ | |||
+ | # Log all the mail messages in one place. | ||
+ | mail.* | ||
+ | |||
+ | |||
+ | # Log cron stuff | ||
+ | cron.* | ||
+ | |||
+ | # Everybody gets emergency messages | ||
+ | *.emerg | ||
+ | |||
+ | # Save news errors of level crit and higher in a special file. | ||
+ | uucp, | ||
+ | |||
+ | # Save boot messages also to boot.log | ||
+ | local7.* | ||
* Restart rsyslog service. < | * Restart rsyslog service. < | ||
- | * |
rsyslog_central_loghost.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1