The syslog functionality is one of the main tools for a sysadmin. While writing logfiles with events of interest is a common feature of any application, having a system-wide logging functionality means all logs can be handled as one on the system.
This is a companion discussion topic for the original entry at https://linuxconfig.org/install-syslog-on-redhat-8
1 Like
Has anyone tried to set up a centralized logging server on a CentOS 8 system yet? The steps used for 7 don’t translate into 8 so well. Thanks
Hi GatorNation,
Welcome to our forums.
I happen to set up the server side on RHEL8 a few days back, which comes with the same rsyslog version as CentOS 8.
The only real difference I noticed is the syntax of binding the ruleset to the listener. Mind you, it’s a basic setup. For example, if the ruleset that applies to all incoming log entries called “remoteRS”, on older rsyslog versions I could add (for TCP traffic):
$InputTCPServerBindRuleset remoteRS
$InputTCPServerRun 514
And on RHEL8 I needed to change this to:
input(type="imtcp" port="514" ruleset="remoteRS")
Apart from that, all my old rules worked without modification. As with the old version, the imtcp module have to be loaded first.
On client side, forwarding worked with the same syntax as before.
Hi Sandmann,
Thank you for your response and for the additional information. It has been helpful.
Do you (or anyone else) have any experience with using an analyzer tool with rsyslog? What do you use and is there a cookbook somewhere?
Thank you again for your help!!!