Remote Logging Server: Syslog | Rsyslog
Enabling remote logging on in linux is very simple. Most distributions include Syslog and most recently Rsyslog. The configuration is different between these two products, but can get either excepting remote logs by editing a single file. You should always read the man pages and read about syslog security while at it.
Syslog
# Add “-r” to the end of the “RSYSLOGD_OPTIONS”. Example:
|
1 2 3 4 |
vi /etc/default/syslog RSYSLOGD_OPTIONS="-c3 -r" service syslog restart |
Rsyslog
# Uncomment the following lines in /etc/rsyslog.conf file
|
1 2 3 4 |
$ModLoad imudp $UDPServerRun 514 service rsyslog restart |