Setup Centralized Logging Server in Linux | Configure rsyslog Server & Client in RHEL (CentOS)

Configure Centralized rsyslog Server in RHEL:
———————————————————————-
rsyslog is responsible for log processing in RHEL. rsyslog is abbreviation of ‘Rocket Fast System for Log processing’. rsyslog offers high-performance, great security features and modular design. It can accept input from wide variety of sources, transform it and output the result to diverse destinations.

In this article, we will configure a central logging server using rsyslog on RHEL and then we will configure RHEL clients to submit their local logs to this rsyslog based central logging server.

Environment Specification:
We are using two virtual machines, one as the rsyslog server and the other as the rsyslog client.
SERVER IP Address: 192.168.1.180 (RHEL 7.7)
CLIENT IP Address: 192.168.1.170 (RHEL 7.3)

Configuring rsyslog Server on RHEL 7.7:
—————————————————
1. rsyslog is by default installed on most of the Linux distros including RHEL/CentOS.
Connect to rsyslog server and check status of rsyslog.service, start it if it is not running. (Install the package from repository if there is no such service present)
# rpm -qi rsyslog
# systemctl start rsyslog.service
# systemctl enable rsyslog.service
# systemctl status rsyslog.service

2. Now we are configuring rsyslog settings to accept input from other machines.
# vim /etc/rsyslog.conf
Find and uncomment following two directives.
$ModLoad imtcp
$InputTCPServerRun 514

Save settings.

3. Now restart the rsyslog.service.
# systemctl restart rsyslog.service

4. Allow rsyslog service port in Linux firewall and reload the firewall.
# firewall-cmd –permanent –add-port=514/tcp
# firewall-cmd –reload

Our rsyslog server has been configured to received input from other log sources via port 514/tcp.

Configuring rsyslog Client on RHEL 7.3:
—————————————————
1. Connect to rsyslogclient.nehraclasses and check status of rsyslog.service, start & enable it if not running.
# rpm -qi rsyslog
# systemctl start rsyslog.service
# systemctl enable rsyslog.service
# systemctl start rsyslog.service

2. Now configure rsyslog client to transmit its log to our rsyslog server by adding the following directives in /etc/rsyslog.conf
# vim /etc/rsyslog.conf
# *.* 192.168.1.180:514

3. Restart the rsyslog.service to apply changes.
# systemctl restart rsyslog.service

Our rsyslog client has been configured.
=========================================

Now connect to our rsyslog server and check /var/log/messages
# tail /var/log/messages

We can see that client is forwarding its logs to server.

We have successfully configure a central login server using rsyslog on CentOS 7.

================
Thanks for watching the video. Please like our videos, share with your friends and feel free to ask anything, post your queries in comments section. We will be glad to answer your queries. Don’t forget to subscribe the channel & turn on the bell notifications.
===============
Our Some Popular Videos:

NAVIC:

Learn Linux Fundamentals:

Concept of All RAID Levels:

Configure RAID-0 in Linux:

Configure RAID-1 in Linux:

Configure RAID-5 in Linux:

Configure RAID-6 in Linux:

Configure RAID-10 in Linux:

LVM Snapshot:

====================================================
Contact Us:

To Follow Vikas Nehra’s Twitter Handle:👇
http://bit.ly/VikasNehraTwitterHandle

For Registration:👇
http://bit.ly/NehraClassesRegForm

To Follow Our Twitter Handle:👇
http://bit.ly/NehraClassesTwiiterHandle

To Visit Our Facebook Page:👇
www.facebook.com/nehraclasses

To Follow Nehra Classes on Instagram:👇
https://www.instagram.com/nehraclasses/

To Our Visit Our Webpage:👇
http://bit.ly/NehraClassesWebpage

Join Us on Telegram App: 👇
https://t.me/NehraClasses

WhatsApp Us: 👇
https://bit.ly/2Kpqp5z

Email Us:👇
Email: nehraclasses@gmail.com
============
©COPYRIGHT. ALL RIGHTS RESERVED.

source by Nehra Classes

redhat openstack