You are here

howto basic remote system logging with rsyslog on fedora 17

my laptop began to freeze up and i cant get anything from my local logs so i had to set up remote logging. all i had to do was follow these easy steps

so on the client side

sudo vi /etc/rsyslog.conf

and go right to the bottom of the file where it says "remote host". yes, use those as key words. you will find an entry that looks like:

#*.* @@remote-host:514

remove the hash and put in the ip of the remote syslog server (in my case it was my desktop). you can of course, put in the hostname instead of ip, but make sure the name is resolvable first.

and finally, we restart the service with

service rsyslog restart

and thats it on the client side.

on the server side we open up the same file and look for the line that says "# Provides TCP syslog reception". the next 2 lines we remove the hash from them, like so

$ModLoad imtcp
$InputTCPServerRun 514

next, in /etc/sysconfig/iptables we add a rule to allow rsyslog packets through the firewall

-A INPUT -m state --state NEW -m tcp -p tcp --dport 514 -j ACCEPT

and finally we restart the services with

service iptables restart
service rsyslog restart

now to verify; on the server side you should

tailf /var/log/messages

while on the client side you should run a command similar to

logger user.warn this is a test logger message that should go to my loghost

and thats it.

let me know what you think of the howto in the comments section below