Remote Infrastructure Management: Linux syslog Server Configuration Tutorial

Step by Step for configuring linux syslog server:

SYSLOG:

Syslog is a utility for tracking and logging all manner of system messages from the merely informational to the extremely critical. Each system message sent to the syslog server has two descriptive labels associated with it that makes the message easier to handle.

You can configure syslog's /etc/rsyslog.conf configuration file to place messages of differing severities and facilities in different files.

/etc/syslog.conf:

The files to which syslog writes each type of message received is set in the /etc/rsyslog.confconfiguration file. In older versions of Fedora this file was named /etc/syslog.conf.

The syslogd daemon manages all the logs on your system and coordinates with any of the logging operations of other systems on your network. Configuration information for syslogd is held in the /etc/syslog.conf file, which contains the names and locations for your system log files.

By Default system accept the logs only generated from local host. In this example we will configure a log server and will accept logs from client side.

For this syslog server configuration, i am using one as linux server another as a linux log client.

To check the hostname of the linux servers use the following command.

$hostname

To check the ipaddress use the following command.
$ifconfig

EX: SenthilTSM1 10.5.5.125 (Syslog Server)
vnbsenthil 10.0.0.234 (Client)

If you don't have DNS server, then update the host information in both systems /etc/hosts file.

Ping with the hostname on both the systems.

Now, edit the syslog server configuration file:
vi /etc/sysconfig/syslog (Older version of redhat,centos and fedora)

vi /etc/sysconfig/rsyslog (newer version)