Configure a system to accept logging from a remote system

Wednesday 22 June 2011

Configure a system to accept logging from a remote system

As I said in my previous post this should be combined with this objective, Configure a system to log to a remote system. At any rate, in order to configure a system to accept logging from a remote system, you need to edit the /etc/rsyslog.conf file.

Remove the comments from these lines to activate TCP remote logging.

#$ModLoad imtcp.so
#$InputTCPServerRun 514

so that they look like this

$ModLoad imtcp.so
$InputTCPServerRun 514

Open the firewall and save the configuration change to the firewall:

iptables -I INPUT -p tcp --dport 514 -j ACCEPT; service iptables save

All that remains is to restart the logging daemon:

service rsyslog restart

Note that you could use UDP instead or as well as TCP. The rsyslog manual is your friend.

Musings on Information Technology - A view from the trenches

Wednesday 22 June 2011

Configure a system to accept logging from a remote system

No comments:

Post a Comment