How To Configure Rsyslog Centralized Log Server On Linux

How To Configure Rsyslog Centralized Log Server On Linux

Rsyslog is an Open Source logging utility available in the Linux server. By default, It’s installed and it receives the logs from the client machine. Suppose if the client-server get crashes, you don’t need to worry about it. We can configure and install the Syslog server in Linux. we will see how to configure rsyslog centralized server.

Check Out: Windows Screen lock Automatically Using Group Policy

It supports only UDP protocol and if you want to use TCP, you can also do but I would prefer UDP. Rsyslog extends the functionality of Syslog like content-based filtering, logging into directly a database, TLS encryption and TCP for transport.

Our Rsyslog Server IP: 192.168.185.129

Our Rsyslog Client IP: 192.168.185.143

Rsyslog is already installed in Linux OS. If you don’t find it, you can install using yum install rsyslog -y

Check Out: How To Create Backup of Gitlab Server On CentOS 7

you can also check rsyslog using rsyslogd -v

how to configure rsyslog

systemctl status rsyslog

syslog server configure

you have to modify a file /etc/rsyslog.conf and uncomment the lines.

linux syslog server

Check Out: How To Install Memcached Memory Caching In Linux

If you require to enable TCP rsyslog, you can simply uncomments these lines.

configure syslog server

Open the rsyslog port 514 in the firewall.

firewall-cmd -–permanent –add-port=514/tcp

firewall-cmd -–permanent –add-port=514/udp

firewall-cmd –reload

install rsyslog linux

Now restart the rsyslog server and also enable on boot.

systemctl restart rsyslog && systemctl enable rsyslog

Check Out: How To Enable Monitoring of Server On Amazon Cloud

you can also check port is listening with below commands

netstat -tnlpu | grep 514

how to check rsyslog status in linux

Now rsyslog server successfully configured and you can also check the real-time logs using tail -f /var/log/messages

Client Configuration

you must check rsyslog service running and enable on the client machine as we have configured above.

systemctl status rsyslog && systemctl enable rsyslog

Check Out: Command To Check Swap Partition On Linux Server

you need two add these two lines at the end of a file.

Also, add ports 514 and restart the services.

Test The Connectivity

you have to send a message using the below command from a client machine that machine should show in rsyslog server logs.

Check Out: How To Install Samba File Sharing Server On Redhat 7

Client machine: you can send the message to the server using the logger command.

logger “we have configured rsyslog”

rsyslog Server log output:

You’re done syslog server configure  syslog server configure  server nstall rsyslog linux

Share on:

I'm the founder of Curious Viral. I hope this blog will provide you complete information about Linux Technology & I would like to share my technical knowledge with you which I have learned during this period.

Other Posts You May Like...

Leave a comment