rsyslog 相关配置

2019-03-22 本文已影响0人 akka9

接收外部日志

/etc/sysconfig/rsyslog

SYSLOGD_OPTIONS="-r -x -m 0"

/etc/rsyslog.conf


# 远程日志不记录这里，行首加上 !local0.*;
!local0.*;*.info;mail.none;authpriv.none;cron.none                /var/log/messages

$ModLoad imudp
$UDPServerRun 514

$template IpTemplate,"/data/syslog/host/%FROMHOST-IP%/%$YEAR%-%$MONTH%-%$DAY%_%syslogfacility-text%"
$template NetTemplate,"/data/syslog/net/%FROMHOST-IP%/%$YEAR%-%$MONTH%-%$DAY%_%syslogfacility-text%"

:FROMHOST-IP, startswith, "10.9.250." ?NetTemplate
:FROMHOST-IP, startswith, "10.7.3.254" ?NetTemplate
& ~

#:FROMHOST-IP, isequal, "192.168.1.100" ?IpTemplate
:FROMHOST-IP, startswith, "192.168." ?IpTemplate
:FROMHOST-IP, startswith, "10.8." ?IpTemplate
& ~

思科设备把日志发送到 syslog 服务器

logging on
logging host 192.168.1.1
service timestamps debug datetime localtime show-timezone msec
service timestamps log datetime localtime show-timezone msec

rsyslog 相关配置

接收外部日志

思科设备把日志发送到 syslog 服务器

猜你喜欢

热点阅读