Sending Log Messages to a Log Server:
To send all your log messages to a central logging host server, open the
/etc/rsyslog.conf configuration file and go to the bottom of the file.
You’ll need to add a line to the file that follows the standard facility.priority
action syntax of the syslog protocol. Most administrators send everything to the remote
logging server, so the *.* selector is used.
However, the action for sending log messages to a remote server has the following
special syntax:
TCP|UDP[(zNumber)]HOST:[PORT#]
This action syntax is rather confusing, so let’s step through it:
TCP|UDP: You can select either the TCP or UDP protocols (covered in Chapter 8) to
transport your log messages to the central log server. UDP can lose data, so you should
select TCP if your log messages are important. Use a single at sign (@) to select UDP
and double at signs (@@) to choose TCP.
[(zNumber)]: The brackets indicate this syntax is optional. The z selects zlib to compress
the data prior to traversing the network, and Number picks the compression level, which
can be any number between 1 (lowest compression) and 9 (highest compression). Note
that you must enclose the z and the number between parentheses, such as (z5).
HOST: This syntax designates the central logging server either by a fully qualified
domain name (FQDN), such as example.com, or an IP address. If you use an IPv6
address, it must be encased in brackets.
[PORT#]: The brackets indicate that this syntax is optional. This designates the port on
the remote central logging host where the log service is listening for incoming traffic.
Example:
*.* @@remote-host:514
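
To check existing forwarding lines against the syntax stepped through above, the following added example (not part of the original text) parses each rule and warns on UDP transport or out-of-range values. It assumes only the options described here; the function names, the sample host names and the sample addresses are constructed for illustration.

```python
import re

# Grammar as described in the text: selector, "@" (UDP) or "@@" (TCP),
# optional "(zN)", host (FQDN, IPv4 or bracketed IPv6), optional ":port".
FORWARD_RE = re.compile(r"""
    ^(?P<selector>\S+)\s+
    (?P<proto>@{1,2})
    (?:\(z(?P<level>\d+)\))?
    (?P<host>\[[0-9A-Fa-f:.]+\]|[^\s:\[\]()@]+)
    (?::(?P<port>\d+))?\s*$""", re.VERBOSE)

def parse_forward(line):
    """Return a dict for a forwarding rule, or None if the line is not one."""
    line = line.split("#", 1)[0].strip()      # drop trailing comments
    m = FORWARD_RE.match(line)
    if not m:
        return None
    rule = {
        "selector": m["selector"],
        "transport": "tcp" if m["proto"] == "@@" else "udp",
        "zlib_level": int(m["level"]) if m["level"] else None,
        "host": m["host"],
        "port": int(m["port"]) if m["port"] else None,
        "warnings": [],
    }
    if rule["transport"] == "udp":
        rule["warnings"].append("UDP can lose log messages; use @@ for TCP")
    if rule["zlib_level"] is not None and not 1 <= rule["zlib_level"] <= 9:
        rule["warnings"].append("compression level must be 1-9")
    if rule["port"] is not None and not 1 <= rule["port"] <= 65535:
        rule["warnings"].append("port out of range")
    return rule

def audit(config_text):
    """Parse every forwarding rule found in a configuration file's text."""
    return [r for r in map(parse_forward, config_text.splitlines()) if r]

# Constructed sample configuration (host names and addresses are placeholders).
SAMPLE = """\
authpriv.*    /var/log/secure
*.* @@remote-host:514   # the example line from the text
*.* @(z5)loghost.example.com
kern.crit @@(z9)[2001:db8::10]:6514
mail.* @@(z0)192.0.2.7:70000
"""

if __name__ == "__main__":
    for rule in audit(SAMPLE):
        print(rule)
```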