edit /etc/rsyslogd.conf
uncomment
$ModLoad imtcp
$InputTCPServerRun 514
add a line after "*.emerg"
*.emerg /var/log/emerg.conf
Add firewall rule of TCP port 514
# firewall-cmd --permanent --zone=public --add-port=514/tcp
# firewall-cmd --reload
On Ubuntu syslog client
edit /etc/rsyslog.d/50-default.conf
add a line after "*.emerg"
*.emerg @@172.16.0.1
Try on client:
# logger -p user.emerg "emerg from XXXX"
Check the syslog server is recieved.
# cat /var/log/emerg.log
沒有留言:
張貼留言