syslog - samuel-richardson/Sam-Tech-Journal GitHub Wiki

Configure Syslog Server and Client

Server

Install syslog: `sudo yum install rsyslog`

Edit /etc/rsyslog.conf and uncomment the lines below. This is a basic config, but it will be commented out in favor of a better config.

$ModLoad imudp
$UDPServerRun 514

$ModLoad imtcp
$InputTCPServerRun 514

The current running config is found here and shown below. It listens on UDP 514 and automatically organizes log files and their locations based on the host. Save this config in /etc/rsyslog.d/

module(load="imudp")
input(type="imudp" port="514" ruleset="RemoteDevice")
template(name="DynFile" type="string"
	string="/var/log/remote-syslog/%HOSTNAME%/%$YEAR%.%$MONTH%.%$DAY%.%PROGRAMNAME%.log"
)
ruleset(name="RemoteDevice"){
	action(type="omfile" dynaFile="DynFile")
}

Start syslog with `sudo systemctl start rsyslog`

Client Add Logging

Install syslog: `sudo yum install rsyslog`

Create a .conf file in /etc/rsyslog.d/ with the content `user.notice @{server ip}`. A single `@` means UDP; `@@` means TCP.

Restart syslog: `sudo systemctl restart rsyslog`

Test logging with `logger -t test message`
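An added example (not from the original wiki) that builds an RFC 3164 style datagram by hand, showing the PRI value that selectors such as `user.notice` and `authpriv.*` match on and the file the server's DynFile template should resolve to. The hostname `client01` and the `127.0.0.1` target are constructed placeholders.

```python
import socket
from datetime import datetime

# Facility and severity codes from RFC 3164 (only the ones this page uses).
FACILITY = {"user": 1, "authpriv": 10}
SEVERITY = {"notice": 5, "info": 6}
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()


def pri(facility, severity):
    """PRI value that selectors such as user.notice are matched against."""
    return FACILITY[facility] * 8 + SEVERITY[severity]


def build_message(facility, severity, hostname, tag, text, when):
    """Build an RFC 3164 datagram: <PRI>Mmm dd hh:mm:ss host tag: text"""
    stamp = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    return f"<{pri(facility, severity)}>{stamp} {hostname} {tag}: {text}".encode()


def expected_path(hostname, tag, server_now):
    """File the DynFile template resolves to. $YEAR/$MONTH/$DAY come from
    the server's clock at processing time, not from the message timestamp."""
    return (f"/var/log/remote-syslog/{hostname}/"
            f"{server_now:%Y.%m.%d}.{tag}.log")


def send_udp(server, port, datagram):
    """Send one datagram, as a single-@ forwarding rule would."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(datagram, (server, port))


if __name__ == "__main__":
    now = datetime.now()
    # Constructed sample values; 127.0.0.1 stands in for the server IP.
    msg = build_message("user", "notice", "client01", "test", "message", now)
    send_udp("127.0.0.1", 514, msg)
    print("sent:", msg.decode())
    print("check:", expected_path("client01", "test", now))
```

The hostname and program name in the path are taken from the received message, so the directory and file names under /var/log/remote-syslog/ are chosen by whatever host can reach UDP 514.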

Client Add Authpriv messages

Linux Client

Edit /etc/rsyslog.d/file and add the following line.

`authpriv.* @172.16.50.5`

Vyos Client

configure
set system syslog host 172.16.50.5 facility authpriv level info
commit
save