Personal tools

Skip to content. | Skip to navigation

This Logo Viewlet registered to qPloneSkinTechlight
You are here: Home Snippets Send any logfile to central server using rsyslog on CentOS

Send any logfile to central server using rsyslog on CentOS

In a larger environment its critical to centralize log-files. Third-party tools that write to a local log-file, but don't have to possibility to use syslog can be cumbersome on that point. This article provides you with a solution.

We need to install rsyslog and use it to replace the CentOS default sysklogd server. (We need at least one syslog provider so we start with installing before removing)

# yum install rsyslog
# service syslog stop
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]
# chkconfig syslog off
# chkconfig rsyslog on
# service rsyslog start
Starting system logger:                                    [  OK  ]

 

Next is editing /etc/rsyslog.conf. At the beginnig we add:

$ModLoad imfile

At the end we add:

# this will send to udp port 514 (use @@ to use tcp )
        
user.*  @10.20.30.40:514
        
#Monitor /var/3rdpartycrap/log/request.log   
$InputFileName /var/3rdpartycrap/log/request.log   
$InputFileTag tam_request:
$InputFileStateFile 3rdpartycrap-request.log
$InputFileSeverity notice
$InputFileFacility user
$InputRunFileMonitor
$InputFilePollingInterval 10

 

Restart rsyslog et voila:

# service rsyslog restartstart

 

Thanks to the unnamed colleague for sharing this.

 

Document Actions