I have RHEL Machine where I tried to create a Centralized Logging event which I wrote in my own blog http://linuxhunt.blogspot.com/2009/1...d-logging.html
Setup the syslog server
On the system you want to use as the syslog server, edit the file /etc/sysconf/syslog, and add '-r' as follows:
# Options to syslogd
# -m 0 disables 'MARK' messages.
# -r enables logging from remote machines
# -x disables DNS lookups on messages recieved with -r
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-m 0 -r"
# Options to klogd
# -2 prints all kernel oops messages twice; once for klogd to decode, and
# once for processing with 'ksymoops'
# -x disables all klogd processing of oops messages entirely
# See klogd(8) for more details
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
root@remy:/root>netstat -an|grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:*
Now TRy logging into client and make the changes as:
For simplicity, I added a line in the /etc/hosts file to add the name 'loghost' to the other names I am using for my logging server. This is actually beneficial - because I can move my syslog server to another host - and I only have to modify the hosts file...
Next, edit the /etc/syslog.conf file. I added 1 simple line to log all informational messages to the remote loghost:
Note: separate all columns with the tab character, not space.
Finally restart syslog on the client with /etc/init.d/syslog restart.
To test, you can use the command line logging facility called logger. On the client I type:
And on the server I see:
root@remy:/root>tail -f /var/log/messages
Jun 28 21:17:29 booker bemo: foobar
May I know how it gets added to logs on server.
Do Client http logs to server http??
Sendmail(Client) ==> Sendmail(Server) ??
vsftpd (Client) --> VSFTPD (Server) ??
How does Logs queue up in Server Side?