
Installing and configuring the latest official rsyslog on CentOS 6.5

Some log files are controlled by a daemon called rsyslogd. 

Log files can also be managed by the journald daemon – a component of systemd. 

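Step 1: A minimal CentOS 6.5 installation ships rsyslog 5.x by default.

To install the latest version, download the official rsyslog repo file http://rpms.adiscon.com/v8-stable/rsyslog.repo into /etc/yum.repos.d/ on the system.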

[root@192_168_174_68 ~]# yum info rsyslog
Available Packages
Name        : rsyslog
Arch        : x86_64
Version     : 5.8.10
Release     : 10.el6_6
Size        : 650 k
Repo        : base
Summary     : Enhanced system logging and kernel message trapping daemons
URL         : http://www.rsyslog.com/
License     : (GPLv3+ and ASL 2.0)
Description : Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL,
            : syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part,
            : and fine grain output format control. It is compatible with stock sysklogd
              can be used as a drop-in replacement. Rsyslog is simple to set up, with
              advanced features suitable for enterprise-class, encryption-protected syslog
            : relay chains.

Step 2. Download the latest official repo file

~]# wget http://rpms.adiscon.com/v8-stable/rsyslog.repo -O /etc/yum.repos.d/rsyslog.repo
2016-02-26 11:35:45 (29.7 MB/s) - “/etc/yum.repos.d/rsyslog.repo” saved [227/227]

~]# cat /etc/yum.repos.d/rsyslog.repo
[rsyslog_v8]
name=Adiscon CentOS-$releasever - local packages for $basearch
baseurl=http://rpms.adiscon.com/v8-stable/epel-$releasever/$basearch
enabled=1
gpgcheck=0
gpgkey=http://rpms.adiscon.com/RPM-GPG-KEY-Adiscon
protect=1
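
The repo file listed above sets gpgcheck=0 and uses http:// for both baseurl and gpgkey, so yum installs the rsyslog RPM without verifying a signature. The script below is an added example, not part of the original post: it lists such settings in a .repo file. The function name audit_repo is an assumption, and the sample file is constructed from the listing above.

```shell
# Added example (not from the original post); audit_repo is a hypothetical helper.
# audit_repo FILE: prints "section: finding" lines; returns 1 if any were found.
audit_repo() {
    awk '
    function report(msg) { print sec ": " msg; found = 1 }
    function flush(  i) {
        # Sections with enabled=0 are skipped; yum enables a section by default.
        if (sec == "" || enabled == "0") return
        if (gpgcheck == "0") report("gpgcheck=0, packages are not signature-checked")
        for (i = 1; i <= nurl; i++)
            if (uval[i] ~ /^http:\/\//) report(ukey[i] " uses plain http: " uval[i])
    }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }        # comments and blank lines
    /^\[/ {                                     # start of a new [section]
        flush(); sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
        enabled = "1"; gpgcheck = ""; nurl = 0; last = ""
        next
    }
    /^[ \t]/ && last != "" {                    # continuation line: one more URL
        v = $0; gsub(/^[ \t]+|[ \t]+$/, "", v)
        ukey[++nurl] = last; uval[nurl] = v
        next
    }
    {
        p = index($0, "="); if (p == 0) next
        k = substr($0, 1, p - 1); v = substr($0, p + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v); last = ""
        if (k == "enabled") enabled = v
        else if (k == "gpgcheck") gpgcheck = v
        else if (k == "baseurl" || k == "gpgkey" || k == "mirrorlist") {
            ukey[++nurl] = k; uval[nurl] = v; last = k
        }
    }
    END { flush(); exit found + 0 }
    ' "$1"
}
# Constructed sample: the repo file as listed on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[rsyslog_v8]
name=Adiscon CentOS-$releasever - local packages for $basearch
baseurl=http://rpms.adiscon.com/v8-stable/epel-$releasever/$basearch
enabled=1
gpgcheck=0
gpgkey=http://rpms.adiscon.com/RPM-GPG-KEY-Adiscon
protect=1
EOF
audit_repo "$sample" || echo "review the settings listed above"
rm -f "$sample"
```

With the vendor key imported and gpgcheck=1 set, the first finding goes away; the two http findings stay until those URLs are fetched over https.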

Step 3. Install the rsyslog package.

~]# yum install rsyslog

Step 4. Back up the original configuration file, then edit it.

~]# cp -pv /etc/rsyslog.conf{,.orig}
`/etc/rsyslog.conf' -> `/etc/rsyslog.conf.orig'
~]# vim /etc/rsyslog.conf

Confirm that the following two lines are enabled: one provides Unix-socket logging, the other kernel logging.

#### MODULES ####
module(load="imuxsock") # provides support for local system logging (e.g. via logger command)
module(load="imklog") # provides kernel logging support (previously done by rklogd)

# Everybody gets emergency messages
*.emerg :omusrmsg:*

# Enable UDP support.
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")

# Append the custom templates at the end of the configuration file
$template TmplAuth, "/var/log/rsyslog_custom/%HOSTNAME%/%PROGRAMNAME%.log"
$template TmplMsg,
authpriv.* ?TmplAuth
*.info;mail.none;authpriv.none;cron.none ?TmplMsg

The final configuration file looks like this:

~]# grep -E -v '^#|^$' /etc/rsyslog.conf
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
$IncludeConfig /etc/rsyslog.d/*.conf
*.info;mail.none;authpriv.none;cron.none /var/log/messages
authpriv.* /var/log/secure
mail.* /var/log/maillog
cron.* /var/log/cron
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log

Step 5. Add SYSLOGD_OPTIONS="" to /etc/sysconfig/rsyslog

~]# cat /etc/sysconfig/rsyslog
# Options for rsyslogd
# Syslogd options are deprecated since rsyslog v3.
# If you want to use them, switch to compatibility mode 2 by "-c 2"
# See rsyslogd(8) for more details
SYSLOGD_OPTIONS=""

Step 6. Start the service

~]# /etc/init.d/rsyslog start
Starting system logger:

Step 7. Create the log directory

~]# mkdir -p /var/log/rsyslog_custom

Some notes on SELinux

Set SELinux rules for rsyslog

Some system administrators disable SELinux. If you want to keep SELinux enabled, use the commands given below.

(Read this post in case the semanage command is not found.)

semanage fcontext -a -t syslogd_exec_t /sbin/rsyslogd
restorecon /sbin/rsyslogd
/usr/sbin/semanage fcontext -a -t var_log_t "/var/log/rsyslog_custom(/.*)?"
/sbin/restorecon -R -v /var/log/rsyslog_custom

Step 8: Check that the port is listening

~]# netstat -naup |grep rsyslogd
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 0.0.0.0:514 0.0.0.0:* 1039/rsyslogd
:::514 :::*

Client:

Step 1. Install the software repository

[root@S192-168-175-40

Step 2. Install the software

Step 3. Add the server IP

Add:

*.* @192.168.174.68:514

Step 4. Start the service

~]# /etc/init.d/rsyslog restart
Shutting down system logger: [FAILED]
logger: [ OK ]

Step 5. On the server, check that the logs received from the client match the client's own /var/log/messages.

rsyslog_custom]# pwd
/var/log/rsyslog_custom
rsyslog_custom]# ll
total 8
drwx------ 2 root root 4096 Feb 26 13:27 192_168_174_68
root 4096 Feb 26 13:34 S192-168-175-40

S192-168-175-40]# ll
total 32
-rw------- 1 root root 2028 Feb 26 13:34 kernel.log
root 0 Feb 26 13:34 rsyslogd.log
root 20135 Feb 26 13:40 snmpd.log
root 81 Feb 26 13:37 sshd.log
root 728 Feb 26 13:39 xinetd.log
