Syslog is the system log on Unix systems, so syslogd is a very important service: system troubleshooting information and important events are usually written to the log. In a real production environment, however, there is rarely just one server or a handful of them, and when analyzing the logs of a large number of servers, checking them machine by machine is very time-consuming and laborious. In a production environment you can therefore use one or more servers as log servers that collect the logs of one or more clusters. Configuring a log server is very simple; here is a brief introduction to remote syslogd configuration:
On the log server, edit /etc/sysconfig/syslog:

    # vim /etc/sysconfig/syslog

Add the -r parameter to the SYSLOGD_OPTIONS line to turn on the remote logging function:

    # Options to syslogd
    # -m 0 disables 'MARK' messages.
    # -r enables logging from remote machines
    # -x disables DNS lookups on messages recieved with -r
    # See syslogd(8) for more details
    SYSLOGD_OPTIONS="-m 0 -r"
    ... (omitted) ...

Restart syslogd and check that it is listening:

    # /etc/init.d/syslog restart
    # netstat -nulp | grep syslog
    udp        0      0 0.0.0.0:514      0.0.0.0:*      26805/syslogd

syslogd listens on UDP port 514. Once this port is open on the firewall, the server can receive the logs written by other hosts.

The other syslog clients only need to modify the syslogd configuration file and restart syslogd. If the log server IP is 192.168.1.254, the client is configured as follows (add the `*.*` line):

    # vim /etc/syslog.conf
    *.* @192.168.1.254
Once the remote log server is configured, you can tell the log messages of different hosts apart simply by filtering on the host name in the log. For more details, see man 8 syslogd.
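Filtering the combined log by host name, as described above, shown as an added example that is not part of the original article. It assumes the traditional syslogd line layout (host name in the fourth field); the sample lines and the allow-list file are constructed for illustration. Because syslogd started with -r accepts messages from any sender that can reach UDP port 514, the last function lists hosts that appear in the log but are not on the expected list.

```shell
#!/bin/sh
# Added example: per-host views of the combined log on the log server.
# Assumption: traditional syslogd line layout "Mon DD HH:MM:SS host tag: msg",
# so the sending host is the 4th whitespace-separated field.

# Constructed sample lines (not taken from the article).
sample_log() {
cat <<'EOF'
Dec  5 10:01:02 web01 sshd[2211]: Failed password for root from 192.168.1.50 port 4022 ssh2
Dec  5 10:01:05 db01 kernel: eth0: link up
Dec  5 10:01:09 web01 sshd[2211]: Failed password for root from 192.168.1.50 port 4023 ssh2
Dec  5 10:02:00 192.168.1.77 crond[901]: (root) CMD (run-parts /etc/cron.hourly)
Dec  5 10:02:11 web01 su: session opened for user root by admin(uid=500)
EOF
}

# Print "count host" for every sending host, busiest first.
hosts_summary() {
    awk 'NF >= 5 { n[$4]++ } END { for (h in n) print n[h], h }' "$@" |
        sort -k1,1nr -k2,2
}

# Print only the lines logged by one host (exact match on the host field,
# so "web01" does not also match "web011" the way a plain grep would).
lines_for_host() {
    host=$1; shift
    awk -v h="$host" '$4 == h' "$@"
}

# Print hosts that appear in the log but not in an allow-list file
# (hypothetical file, one expected host name or IP per line).
# Usage: unexpected_hosts ALLOWFILE LOGFILE...
unexpected_hosts() {
    awk 'FILENAME == ARGV[1] { ok[$1] = 1; next }
         NF >= 5 && !($4 in ok) { seen[$4] = 1 }
         END { for (h in seen) print h }' "$@" | sort
}

# Demo on the constructed sample.
sample_log | hosts_summary
sample_log | lines_for_host db01
```

On a real log server, pass the combined log file as the argument instead of piping in the sample.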
This article is from the "Technical essay" blog; please be sure to keep this source: http://jim123.blog.51cto.com/4763600/1879393
Remote Syslog Log service under UNIX