====== Linux Syslog ======
FIXME Unfinished - Need modify for newer CentOS (rsyslog), test and verify
Assumptions:
* Your local network is 192.168.1.0/24
* The host you'd like to log for is also on that network
* You are only using IPv4
===== CentOS 5 Server =====
==== Firewall ====
Open the server's firewall to listen on UDP port 514:
vim /etc/sysconfig/iptables
Insert:
-A INPUT –s 192.168.1.0/255.255.255.0 -m udp -p udp --dport 514 -j ACCEPT
Save, exit and restart ''iptables'':
service iptables restart
==== Configure Syslog ====
vim /etc/sysconfig/syslog
Modify the existing line by adding ''-r'':
SYSLOGD_OPTIONS="-m 0 -r"
Then restart ''syslog'':
service syslog restart
Verify that syslog is monitoring port 514:
netstat –anp | grep 514
If you get no result, then something's wrong. If you get a result, then syslog is working and monitoring port 514.
Configure syslog to create a logfile for your device:
vim /etc/syslog.conf
Add these lines:
# Describe host you're logging here
*.* /etc/log/yourlogfilename.log
Note: the spaces between . and /etc/log/... must be inserted using the TAB key! logfilename.log can be whatever name you want for your logfile.
Set-up whatever device allows for syslog and give it the IP address of your PBX system. If you want another CentOS machine to send logs to yours, then
vim /etc/syslog.conf
Add a line like this:
*.* @IPADDRESSOFRECEIVING MACHINE
Note: the spaces between . and @IPADDRESS must be inserted using the TAB key!
To view the logfile:
tail -f /var/log/yourlogfilename.log