Skip to main content

Forwarding logs from rsyslog client to a remote rsyslogs server

Software Requirements

  1. Linux operating system
  2. Rsyslog installed (version 5.0 or higher recommended)
  3. Root or sudo access

Network Requirements

  1. Network connectivity between client and remote server
  2. Defined IP address of the remote Rsyslog server
  3. Open network ports (typically 514 for UDP or TCP)

Step 1:

In the Rsyslog Client (machine)

  1. To login as root just type : sudo i-
  2.  Enter root password
  3. Type: sudo yum update  && yum install rsyslog,                                                    Note: please verify if syslog is successfully installed.
  4. Type the following commands for the for rsyslog server and  rsyslog Client  : systemctl start rsyslog and systemctl enable rsyslog
  5. Check the status of the rsyslog using this command: systemctl status rsyslog                                 Note: It should be in active state

Step 2:

  1. Type this command  to edit : vim /etc/rsyslog.conf
  2. Find the lines if enabled $Modload imusock and $Modload imjournal
  3. Find the lines  $Modload imudp and $UDPServerRun 514 and enable it. Note to enable uncomment those lines.

 

 

For Rsyslog Server and  Rsyslog Client (machine)

Back to top