rsyslog_central_loghost
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
rsyslog_central_loghost [2014/06/24 18:35] – [rsyslog - central loghost] admin | rsyslog_central_loghost [2021/10/09 15:14] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 7: | Line 7: | ||
* Reload iptables. < | * Reload iptables. < | ||
* Configure SELinux to allow remote logging over tcp. < | * Configure SELinux to allow remote logging over tcp. < | ||
- | * Create rsyslog config **/ | + | * Create rsyslog config: |
+ | * **/ | ||
+ | $IncludeConfig / | ||
+ | | ||
+ | $ModLoad imklog | ||
+ | #$ModLoad immark | ||
+ | |||
+ | # Provides UDP syslog reception | ||
$ModLoad imudp | $ModLoad imudp | ||
$UDPServerRun 514 | $UDPServerRun 514 | ||
Line 15: | Line 22: | ||
$InputTCPServerRun 514 | $InputTCPServerRun 514 | ||
- | # Do not store loghost | + | #### GLOBAL DIRECTIVES #### |
- | :hostname, !isequal, "loghost" | + | |
+ | # Use default timestamp format | ||
+ | $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | ||
+ | |||
+ | # File syncing capability is disabled by default. This feature is usually | ||
+ | # not useful and an extreme performance hit | ||
+ | # | ||
+ | * / | ||
+ | $template FILENAME,"/ | ||
+ | |||
+ | # Log all messages not from localhost to the dynamically formed file. | ||
+ | :fromhost-ip, !isequal, "127.0.0.1" | ||
+ | & ~</ | ||
+ | * / | ||
+ | |||
+ | # Log all kernel messages to the console. | ||
+ | # Logging much else clutters up the screen. | ||
+ | # | ||
+ | |||
+ | # Log anything (except mail) of level info or higher. | ||
+ | # Don't log private authentication messages! | ||
+ | *.info; | ||
+ | |||
+ | # The authpriv file has restricted access. | ||
+ | authpriv.* | ||
+ | |||
+ | # Log all the mail messages in one place. | ||
+ | mail.* | ||
+ | |||
+ | |||
+ | # Log cron stuff | ||
+ | cron.* | ||
+ | |||
+ | # Everybody gets emergency messages | ||
+ | *.emerg | ||
+ | |||
+ | # Save news errors of level crit and higher in a special file. | ||
+ | uucp, | ||
- | $template FILE. "/var/log/remote/ | + | # Save boot messages also to boot.log |
- | *.* ?FILE | + | local7.* |
- | </ | + | |
* Restart rsyslog service. < | * Restart rsyslog service. < | ||
- | * |
rsyslog_central_loghost.1403634901.txt.gz · Last modified: 2014/06/24 18:35 by admin