close

LAB

*Logging to a centralized loghost

%server1的log複寫一份到server118


(1) server1
#vi /etc/syslog.conf
加入 user,* @server118
[root@server1 ~]# cat /etc/syslog.conf

---略--
# Save boot messages also to boot.log
local7.* /var/log/boot.log

user.* @server118

重新啟動syslog
#service syslog restart

(2)server118
iptables開放Port: 514(udp)
#log
iptables -t filter -A CLASS-RULES -m state --state NEW -p udp --dport 514 -j ACCEPT

#vi /etc/sysconfig/syslog
加入"-r "
[root@server118 ~]# cat /etc/sysconfig/syslog
# Options to syslogd
# -m 0 disables 'MARK' messages.
# -r enables logging from remote machines
# -x disables DNS lookups on messages recieved with -r
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-r -m 0"

重新啟動syslog
#service syslog restart

(3)測試

#logger -i -t server1 "this is a test 1"
#tail /var/log/messages

[root@server1 ~]# logger -i -t server1 "this is a test 1"
[root@server1 ~]# tail /var/log/messages
---略---
Aug 3 00:37:59 server1 server1[7642]: this is a test 1

[root@server118 ~]# tail /var/log/messages
---略---
Aug 3 00:37:59 192.168.0.254 server1[7642]: this is a test 1


arrow
arrow
    全站熱搜
    創作者介紹
    創作者 aquatower 的頭像
    aquatower

    2006隨手札記

    aquatower 發表在 痞客邦 留言(0) 人氣()

    E-mail轉寄