Difference between revisions of "RSYSLOG"
Jump to navigation
Jump to search
Michael.mast (talk | contribs) (Created page with "==CentOS 7== <ref>https://www.itzgeek.com/how-tos/linux/centos-how-tos/setup-syslog-server-on-centos-7-rhel-7.html</ref> ===Purpose=== To receive logs from NXFilter for remote...") |
Michael.mast (talk | contribs) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
To receive logs from NXFilter for remote parsing, because users be doin' stuff! | To receive logs from NXFilter for remote parsing, because users be doin' stuff! | ||
===Commands=== | ===Commands=== | ||
| + | For me rsyslog was already installed from the minimal install package, just needed to update the config file. In this case I am running on the same server NXFilter is running on.<ref>https://www.rsyslog.com/tag/ruleset/</ref><ref>https://www.youtube.com/watch?v=fewUSu_QZAY</ref> | ||
| + | *Check that the following entries are set correctly. | ||
| + | /etc/rsyslog.conf | ||
| + | <pre> | ||
| + | Ruleset (name="nxfilter") {Action (type="omfile" file="/var/log/nxfiltersys.log")} | ||
| + | |||
| + | # Provides UDP syslog reception | ||
| + | $ModLoad imudp | ||
| + | $UDPServerRun 514 | ||
| + | Input (type="imudp" port="514" ruleset="nxfilter") | ||
| + | </pre> | ||
Latest revision as of 10:43, 3 April 2018
CentOS 7
Purpose
To receive logs from NXFilter for remote parsing, because users be doin' stuff!
Commands
For me rsyslog was already installed from the minimal install package, just needed to update the config file. In this case I am running on the same server NXFilter is running on.[2][3]
- Check that the following entries are set correctly.
/etc/rsyslog.conf
Ruleset (name="nxfilter") {Action (type="omfile" file="/var/log/nxfiltersys.log")}
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
Input (type="imudp" port="514" ruleset="nxfilter")
