====== Linux Syslog ====== FIXME Unfinished - Need modify for newer CentOS (rsyslog), test and verify Assumptions: * Your local network is 192.168.1.0/24 * The host you'd like to log for is also on that network * You are only using IPv4 ===== CentOS 5 Server ===== ==== Firewall ==== Open the server's firewall to listen on UDP port 514: vim /etc/sysconfig/iptables Insert: -A INPUT –s 192.168.1.0/255.255.255.0 -m udp -p udp --dport 514 -j ACCEPT Save, exit and restart ''iptables'': service iptables restart ==== Configure Syslog ==== vim /etc/sysconfig/syslog Modify the existing line by adding ''-r'': SYSLOGD_OPTIONS="-m 0 -r" Then restart ''syslog'': service syslog restart Verify that syslog is monitoring port 514: netstat –anp | grep 514 If you get no result, then something's wrong. If you get a result, then syslog is working and monitoring port 514. Configure syslog to create a logfile for your device: vim /etc/syslog.conf Add these lines: # Describe host you're logging here *.* /etc/log/yourlogfilename.log Note: the spaces between . and /etc/log/... must be inserted using the TAB key! logfilename.log can be whatever name you want for your logfile. Set-up whatever device allows for syslog and give it the IP address of your PBX system. If you want another CentOS machine to send logs to yours, then vim /etc/syslog.conf Add a line like this: *.* @IPADDRESSOFRECEIVING MACHINE Note: the spaces between . and @IPADDRESS must be inserted using the TAB key! To view the logfile: tail -f /var/log/yourlogfilename.log