Configure rsyslog, configure syslog

-

Configuring rsyslog on the Centralized Logging Server

The steps in this procedure must be followed on the system that you intend to use as your centralized logging sever. All steps in this procedure must be run while logged in as the root user.
  1. Configure SELinux to allow rsyslog traffic. 
    # semanage -a -t syslogd_port_t -p udp 514
  2. Configure the iptables firewall to allow rsyslog traffic.
    1. Open the /etc/sysconfig/iptables file in a text editor.
    2. Add an INPUT rule allowing UDP traffic on port 514 to the file. The new rule must appear before any INPUT rules that REJECT traffic. 
      -A INPUT -m state --state NEW -m udp -p udp --dport 514 -j ACCEPT
    3. Save the changes to the /etc/sysconfig/iptables file.
    4. Restart the iptables service for the firewall changes to take effect. 
      # service iptables restart
  3. Open the /etc/rsyslog.conf file in a text editor.
    1. Add this line to the file, defining the location logs will be saved to: 
      $template TmplAuth, "/var/log/%HOSTNAME%/%PROGRAMNAME%.log" 

authpriv.*   ?TmplAuth
*.info,mail.none,authpriv.none,cron.none   ?TmplMsg
    2. Remove the comment character (#) from the beginning of these lines in the file: 
      #$ModLoad imudp
#$UDPServerRun 514
       
      Save the changes to the /etc/rsyslog.conf file.
      Your centralized log server is now configured to receive and store log files from the other systems in your environment. 
      If you want to save the log files with hostname and date stamps add the following lines :

      $template DynFile,"/var/log/syslog/%HOSTNAME%/%$YEAR%.%$MONTH%.%$DAY%/date.log"
      :source, !isequal, "localhost" ?DynFile
      :source, !isequal, "localhost" ?DynFile ~

Comments

Post a Comment

Popular posts from this blog

Python reference Interview questions

-
1)HCL Python scripting developer Interview questions:- 1) How do you check list of files in the given path in python ?? 2) How do you check whether file is exist or not in python 3) How do you perform copy file cmd in python ?? 4) What is d use of setup.py in python 5) What is d use of __init__=__main__: condition in python?? 6) What is d type of *args and **kargs ?? 7) sys.path use in python ??   2) CES Limited Python developer Interview Face2Face Interview questions:- 1.Basic questions on oops:   *.Implement Base class using Instance, static and Abstract method     instance method - takes two arguments to add operation     static method - takes two args to multiply operation     abstract method - takes two args to div operation   *. Implement child class using 3 instance methods     instance - takes three args for add operation     instance - takes two args for...
Read more

Rebuild the initial ramdisk image in Red Hat Enterprise Linux

-
How to rebuild the initial ramdisk image in Red Hat Enterprise Linux  SOLUTION VERIFIED  - Updated  April 12 2016 at 10:15 AM  -  English  Environment Red Hat Enterprise Linux (RHEL) 3 Red Hat Enterprise Linux (RHEL) 4 Red Hat Enterprise Linux (RHEL) 5 Red Hat Enterprise Linux (RHEL) 6 Red Hat Enterprise Linux (RHEL) 7 initrd / initramfs image Issue How to rebuild the initial ramdisk image in Red Hat Enterprise Linux How to remake or recreate the initrd or initramfs The  /etc/lvm/lvm.conf  and root file system resides on a logical volume. How to ensure the changes are applied upon rebooting? The  /etc/multipath.conf  and my root file system resides on a multipath device. How to ensure the changes are applied upon rebooting? The module options in  /etc/modprobe.conf  or  /etc/modprobe.d/  have been modified. How to ensure the changes are applied upon rebooting? Resolution When adding new ha...
Read more

[SOLVED]* Please wait for the system Event Notification service

-
Image
There are different ways to solve this issue , Few of them are mentioned below .A permanent fix for this issue is yet to find. Solution : 1 Remove "Windows Live Messenger" from their terminal server resolved logout issues. Solution : 2 Start "Remote Desktop Services Manager" Identify the user ID in the Users tab In the Processes tab sort by ID Go down to the user ID and end the winlogon.exe process the user session will be logged off Solution : 3 From: mikefrobbins.com by graham ross From a command prompt on my PC or another computer on the domain I ran this to find out the PID of the svchost.exe associated with SENS sc \servername queryex SENS Note down the PID of that process and kill that process using PID. taskkill /S servername /PID xxxx /F Solution: 4 From : Windows Sever Forum The COM+ Event System timed out attempting to fire the Logoff method on event class {D5978650-5B9F-11D1-8DD2-00AA004ABD5E} for publisher and subscriber . The subscriber failed ...
Read more