
Setup SysLog Server on CentOS 7

Rory
Author

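For testing I needed to install a syslog server. Searching for free software on Windows turned up KIWI Syslog Server, but it requires registration and then a two-day wait for approval, so I decided not to bother with it and to install one on Linux instead, where filtering and reading the logs is also easier.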

Install

[root@xuxing ~]# yum install rsyslog

Configure

[root@xuxing ~]# vi /etc/rsyslog.conf

$ModLoad imudp
$UDPServerRun 514

[root@xuxing ~]# systemctl restart rsyslog
[root@xuxing ~]# systemctl enable rsyslog
[root@xuxing ~]# firewall-cmd --permanent --add-port=514/udp
[root@xuxing ~]# firewall-cmd --reload
[root@xuxing ~]# netstat -antup | grep 514
udp        0      0 0.0.0.0:514             0.0.0.0:*                           623/rsyslogd
udp6       0      0 :::514                  :::*                                623/rsyslogd

# check the syslog file
[root@xuxing ~]# tail -f -n 1 /var/log/messages
Nov  8 14:38:57 9006j UTC:  13132: LC/0/3/CPU0:Nov  8 14:38:57.197 UTC: fib_mgr[192]: %ROUTING-FIB-3-PLATF_UPD_FAIL : FIB platform update failed: Obj=DATA_TYPE_LABEL_INFO[ptr

Configuration

$template TMP,"%timegenerated% %FROMHOST% %msg%\n"
local7.*  /var/log/syslog;TMP

if $fromhost-ip == 'xxx.xxx.xxx.xxx' or $fromhost-ip == 'xxx.xxx.xxx.xxx' then /home/log/archive.log;templateName
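
To check the UDP listener and the local7.* rule without waiting for a device to log, the following added example (not part of the original post) builds one RFC 3164 datagram, decodes its PRI to confirm which facility selector it matches, and sends it to the server. The host name testhost, the tag selftest and the target 127.0.0.1 are assumptions.

```python
import re
import socket
from datetime import datetime

# Facility and severity codes from RFC 3164; PRI = facility * 8 + severity.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3", "local4", "local5",
              "local6", "local7"]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]

def build_frame(facility, severity, host, tag, text, when=None):
    """Return one RFC 3164 datagram: <PRI>Mmm dd hh:mm:ss HOST TAG: MSG."""
    when = when or datetime.now()
    pri = FACILITIES.index(facility) * 8 + SEVERITIES.index(severity)
    # The day of month is space-padded, as in "Nov  8".
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    return f"<{pri}>{stamp} {host} {tag}: {text}".encode("ascii")

def classify(frame):
    """Decode the PRI of a frame into (facility, severity) names."""
    m = re.match(rb"<(\d{1,3})>", frame)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range PRI")
    value = int(m.group(1))
    return FACILITIES[value // 8], SEVERITIES[value % 8]

def hits_local7_rule(frame):
    """True if the selector local7.* from the configuration would match."""
    return classify(frame)[0] == "local7"

def send(frame, server, port=514):
    """Send the frame as a single UDP datagram to the rsyslog listener."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.sendto(frame, (server, port))

if __name__ == "__main__":
    # Constructed sample; 127.0.0.1 assumes the script runs on the server itself.
    frame = build_frame("local7", "err", "testhost", "selftest", "rsyslog UDP check")
    print(frame.decode(), "-> local7 rule:", hits_local7_rule(frame))
    send(frame, "127.0.0.1")
```

With the local7.* rule loaded, the test line should then appear in /var/log/syslog in the TMP template's layout.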