LINUX SERVER

[printfriendly]

Instructions for forwarding Linux Server logs to your Log Management device

PREREQUISITES

Linux Server
  • Credentials to access the Linux Server
  • Secure Shell (SSH) access configured on the Linux Server
Clone Systems Log Management Device
  • The IP Address for the Clone Systems Log Management device
Instructions

1. Open a command prompt and SSH into the Linux Server using a tool like PuTTY.

2. Open the rsyslog configuration file.

  • vi /etc/rsyslog.conf

3. Go to the end of the rsyslog configuration file and add the following lines in order to configure log messages to be sent to the Clone Systems Log Management device.

  • #(udp)
  • *.* @{ IP Address of Clone Systems Log collector }:514
  • #[tcp}*.* @@{ IP Address of Clone Systems Log collector }:514
  • *.* @@{ IP Address of Clone Systems Log collector }:514
  • EXAMPLE:
  • #(udp)
  • *.* @10.1.1.1:514
  • #[tcp}
  • *.* @@10.1.1.1:514

4. Save the rsyslog configuration file.

5. Restart the rsyslog service.

  • service rsyslog restart

6. Restart the Linux server

  • reboot -f