Linux Log Server rsyslog and linux Log rsyslog

Linux Log Server rsyslog and linux Log rsyslog

In Linux, rsyslog can be used to centrally manage system logs. In this case, there is usually a log server, and each machine configures its own logs to be written to a remote log server through rsyslog.

Assume that there are two servers, one as the System Log Server (such as the machine name logmaster) and the other as the log client (such as the machine name logclient)

Log Server Configuration

First, modify the/etc/rsyslog. conf file on the log master machine and uncomment the following four lines.

$ModLoad imudp$UDPServerRun 514$ModLoad imtcp$InputTCPServerRun 514

Then restart the rsyslogd service.

$ sudo /etc/init.d/rsyslog restart

Log client Configuration

Modify the/etc/rsyslog. conf file on the log node machine.
Add the following lines at the end to allow Linux to write logs to the remote log mater machine at the same time.

*.*         @logmaster

Then restart the rsyslogd service.

$ sudo /etc/init.d/rsyslog restart

Test

You can use the logger command on Linxu to write a system log, for example

$ logger 'hello world'

Then, view the/var/log/messages file on the log master machine.

Jun 28 14:58:16 logclient root: hello world

It includes the date, log source (machine name), process name, and log Content.

Reprinted please mark the address of this article as a link
Address: http://blog.csdn.net/kongxx/article/details/46671575