====== Linux Syslog ======

FIXME Unfinished - Need modify for newer CentOS (rsyslog), test and verify

Assumptions:

  * Your local network is 192.168.1.0/24
  * The host you'd like to log for is also on that network
  * You are only using IPv4

===== CentOS 5 Server =====

==== Firewall ====

Open the server's firewall to listen on UDP port 514:

<file>
vim /etc/sysconfig/iptables
</file>

Insert:

<file>
-A INPUT –s 192.168.1.0/255.255.255.0 -m udp -p udp --dport 514 -j ACCEPT
</file>

Save, exit and restart ''iptables'':

<file>
service iptables restart
</file>

==== Configure Syslog ====

<file>
vim /etc/sysconfig/syslog
</file>

Modify the existing line by adding ''-r'':

<file>
SYSLOGD_OPTIONS="-m 0 -r"
</file>

Then restart ''syslog'':

<file>
service syslog restart
</file>

Verify that syslog is monitoring port 514:

<file>
netstat –anp | grep 514
</file>

If you get no result, then something's wrong. If you get a result, then syslog is working and monitoring port 514.

Configure syslog to create a logfile for your device:

<file>
vim /etc/syslog.conf
</file>

Add these lines:

<file>
# Describe host you're logging here
*.*                                          /etc/log/yourlogfilename.log
</file>

Note: the spaces between . and /etc/log/... must be inserted using the TAB key! logfilename.log can be whatever name you want for your logfile.

Set-up whatever device allows for syslog and give it the IP address of your PBX system. If you want another CentOS machine to send logs to yours, then 

<file>
vim /etc/syslog.conf
</file>

Add a line like this:

<file>
*.*                                     @IPADDRESSOFRECEIVING MACHINE
</file>

Note: the spaces between . and @IPADDRESS must be inserted using the TAB key!

To view the logfile:

<file>
tail -f /var/log/yourlogfilename.log
</file>