Monday, August 2, 2021
In Linux there's a service often called the Central Logger which generates logs for itself or if permited collects logs for other servers. The service name is rsyslog and the configuration file is located in /etc/rsyslog.conf
One of the more common usage scenario is that once you scaled out your infrastructure and have hundreds of servers you don't want to log into every servers that are having problems if you need to troubleshoot an issue. That would take forever, so it is useful to have a centralize logging location.
The command to install the package is dnf install rsyslog -y
To start and enable the service you can type the command
- systemctl start rsyslog
- systemctl enable rsyslog
In the conf file /etc/rsyslog.conf there's a line that specifies the remote server to send you logging information to, if the server is going to be the client and not the central logger. Look for the line#
#'.' @@remote-host:514
If you want to send you logs to another server replace the remote-host with the host's IP address or fully qualified hostname and as you can see it will be sending traffic through port 514
Now you can run the service with the command systemctl start rsyslog
No comments:
Post a Comment