Thursday, May 27, 2010

How do I set up remote logging?

Introduction

Remote logging allows you to send logs from one machine to another. This gives you a backup copy of your logs on a second machine. You can also have all of your machines log to the same server, which gives you a single place to check your logs.

In this lab, we will set up a machine as the logging server, and then we will direct our client to log to the log server.


1) On the log server (we’ll use 192.168.0.1 as the example), we need to enable remote logging. Log on to the log server and edit /etc/sysconfig/syslog. Make sure that SYSLOGD_OPTIONS looks like:
SYSLOGD_OPTIONS="-r -m 0"

2) Once you have made the above change, restart syslogd on the log server:
# service syslog restart

3) On the client, edit /etc/syslog.conf. For any messages that you want sent to the log server, you will need to change the matching entries. For example, I have:
*.info;mail.none;authpriv.none;cron.none /var/log/messages

If I want these messages to log to the log server, I would change this line to:
*.info;mail.none;authpriv.none;cron.none @192.168.0.1

Replace 192.168.0.1 with your log server’s IP address.

4) Let’s also add a line to log user.* to our log server:
user.* @192.168.0.1

Restart syslogd on the client:
# service syslog restart

5) If you would like to test this setup, you can do the following:
logger -i -t user1 "Testing Logging"

At this point, you should see messages from your client in your server’s /var/log/messages.
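
To confirm the configuration from steps 1 through 4 without waiting for traffic, the following shell helpers (an added example, not part of the original post) list which selectors a syslog.conf forwards to a remote host and check that SYSLOGD_OPTIONS carries -r. The function names and the temporary sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Audit helpers for the sysklogd setup in steps 1-4 (added example).

# Print "selector<TAB>host" for each rule in a syslog.conf-style file
# whose action forwards to a remote host (@host).
forward_rules() {
    awk '
        $1 ~ /^#/ || NF < 2 { next }   # skip comments and blank lines
        $2 ~ /^@./ { printf "%s\t%s\n", $1, substr($2, 2) }
    ' "$1"
}

# Succeed if the last SYSLOGD_OPTIONS= line in a sysconfig-style file
# carries -r as its own token, as in step 1.
server_accepts_remote() {
    opts=$(sed -n 's/^[[:space:]]*SYSLOGD_OPTIONS=//p' "$1" | tail -n 1 | tr -d "\"'")
    for o in $opts; do
        [ "$o" = "-r" ] && return 0
    done
    return 1
}

# Succeed if every selector given after the file name is forwarded to host.
all_forwarded() {
    conf=$1 host=$2
    shift 2
    for sel in "$@"; do
        forward_rules "$conf" | grep -Fqx -- "$(printf '%s\t%s' "$sel" "$host")" || return 1
    done
}

# Constructed sample files mirroring the post; the real paths are
# /etc/syslog.conf (client) and /etc/sysconfig/syslog (server).
demo_dir=$(mktemp -d)
cat > "$demo_dir/syslog.conf" <<'EOF'
# constructed client config
*.info;mail.none;authpriv.none;cron.none    @192.168.0.1
user.*    @192.168.0.1
cron.*    /var/log/cron
EOF
printf 'SYSLOGD_OPTIONS="-r -m 0"\n' > "$demo_dir/syslog"

forward_rules "$demo_dir/syslog.conf"
server_accepts_remote "$demo_dir/syslog" && echo "server: -r is set"
all_forwarded "$demo_dir/syslog.conf" 192.168.0.1 'user.*' && echo "client: user.* forwarded"
rm -rf "$demo_dir"
```

With -r, syslogd accepts messages on UDP port 514 from any sender, so limit that port to your clients with a firewall rule.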