Differences

This shows you the differences between two versions of the page.

--- computing:linux:syslog [2015/03/16 14:56]
gcooper created
+++ computing:linux:syslog [2021/07/28 14:05] (current)
gcooper old revision restored (2015/03/16 14:25)
@@ Line 1: / Line 1: @@
 ====== Linux Syslog ======
-===== Centos 5 Server =====
+FIXME Unfinished - Need modify for newer CentOS (rsyslog), test and verify
-:!: This example assumes that your local network is 192.168.1.0/24.
+Assumptions:
-Open the firewall to listen on UDP port 514:
+  * Your local network is 192.168.1.0/24
+  * The host you'd like to log for is also on that network
+  * You are only using IPv4
+===== CentOS 5 Server =====
+==== Firewall ====
+Open the server's firewall to listen on UDP port 514:
+<file>
 vim /etc/sysconfig/iptables
+</file>
-add before CONFIRM:
+Insert:
+<file>
 -A INPUT –s 192.168.1.0/255.255.255.0 -m udp -p udp --dport 514 -j ACCEPT
+</file>
-Save and Exit.
+Save, exit and restart ''iptables'':
-restart iptables:
+<file>
 service iptables restart
+</file>
-    Configure Syslog to monitor Port 514:
+==== Configure Syslog ====
-cd /etc/sysconfig
+<file>
+vim /etc/sysconfig/syslog
+</file>
-nano syslog
+Modify the existing line by adding ''-r'':
-modify the line that reads:
-SYSLOGD_OPTIONS="-m 0"
-by adding -r inside the quotes, i.e.
+<file>
 SYSLOGD_OPTIONS="-m 0 -r"
+</file>
-Then restart syslog:
+Then restart ''syslog'':
+<file>
 service syslog restart
+</file>
-    Verify that syslog is monitoring port 514:
+Verify that syslog is monitoring port 514:
+<file>
 netstat –anp | grep 514
+</file>
 If you get no result, then something's wrong. If you get a result, then syslog is working and monitoring port 514.
-    Configure syslog to create a logfile for your device:
+Configure syslog to create a logfile for your device:
-cd /etc
+<file>
+vim /etc/syslog.conf
-nano syslog.conf
+</file>
 Add these lines:
-# Put a description of what you're logging here - this is for your benefit and
+<file>
-# you can put anything you want
+# Describe host you're logging here
-*.*                                          /etc/log/logfilename.log
+*.*                                          /etc/log/yourlogfilename.log
+</file>
 Note: the spaces between . and /etc/log/... must be inserted using the TAB key! logfilename.log can be whatever name you want for your logfile.
-    Set-up whatever device allows for syslog and give it the IP address of your PBX system. If you want another Centos Machine to send logs to yours, then
+Set-up whatever device allows for syslog and give it the IP address of your PBX system. If you want another CentOS machine to send logs to yours, then
-cd /etc
-nano syslog.conf
+<file>
+vim /etc/syslog.conf
+</file>
 Add a line like this:
+<file>
 *.*                                     @IPADDRESSOFRECEIVING MACHINE
+</file>
 Note: the spaces between . and @IPADDRESS must be inserted using the TAB key!
-    To view the logfile:
+To view the logfile:
-cd /etc
+<file>
-nano logfilename.log
+tail -f /var/log/yourlogfilename.log
+</file>

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools