Setup Centralized Log Server with rsyslog on Ubuntu Server
Folder and permission
====================
mkdir /var/log/network-logs
mkdir /var/log/network-logs/logs-archive
chown syslog:adm /var/log/network-logs
chown syslog:adm /var/log/network-logs/logs-archive
Rsyslog config
===============
nano /etc/rsyslog.d/network-logs.conf
#################
#### MODULES ####
#################
provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="5140")
#Custom template to generate the log filename dynamically based on the client's IP address or Hostname.
$template RemoteInputLogs, "/var/log/network-logs/%HOSTNAME%/%PROGRAMNAME%.log"
. ?RemoteInputLogs
Log Rotation
===========
nano /etc/logrotate.d/network-logs
/var/log/network-logs/*.log
{
size 100M
copytruncate
create
compress
olddir /var/log/network-logs/logs-archive
rotate 4
postrotate
/usr/lib/rsyslog/rsyslog-rotate
endscript
}
Restart service
==============
systemctl restart rsyslog
Show service status
=================
systemctl status rsyslog
Watch video Setup Centralized Log Server with rsyslog on Ubuntu Server online without registration, duration hours minute second in high quality. This video was added by user Ripon4You 03 June 2023, don't forget to share it with your friends and acquaintances, it has been viewed on our site 6,912 once and liked it 47 people.