RSyslog – The Basics

Writing by on Wednesday, 3 of December , 2014 at 10:38 pm

Honestly, I found syslog-ng simpler to use once I knew The Basics. However, I also needed to do some testing with rsyslog and hence needed to dig in.

Setup and configure the Host Machine where you will receive the syslog messages.

# 1. Install rsyslog
$ sudo apt-get install rsyslog

# 2. Backup the config file syslog-ng.conf
$ sudo cp /etc/rsyslog.conf /etc/rsyslog.conf.orig

# 3. Edit the config file
$ sudo vi /etc/rsyslog.conf

# 4. Enable TCP/UDP by Uncommenting the following
# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514

# Add a file that will be the destination for your Syslog
local5.* /var/log/my_rsyslog.log

# 5. Restart rsyslog
$ sudo service rsyslog restart

When you configure your Appliance to forward syslog to your Host at local5, you will see the logs in “/var/log/my_rsyslog.log”.

Leave a comment

Category: Linux

No Comments

No comments yet.

Leave a comment

You must be logged in to post a comment.

Shivdev Kalambi's Blog

Shivdev Kalambi is a Software Development Manager, previously a Principal Software Engineer at ArcSight/HP. With over 16 years' experience in software development, he's worked on several technologies and played different roles and contributed to all phases of projects. Non-tech activies include Ping-pong, Rock Climbing and Yoga at PG, Golf, Skiing, Swimming & a beer enthusiast.