Configuring Remote Logging on Linux

1 hour
  • 3 Learning Objectives

About this Hands-on Lab

In this hands-on lab, you will configure remote logging from one server to another. The goal of this activity is to gain experience with being able to set up logging between servers.

In this activity, you need to configure *Server1* as the log host for *Server2*.

*This course is not approved or sponsored by Red Hat.*

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Configure Server1 to receive logs.

Server1 will need to be configured to receive logs via TCP.

Uncomment the following section within /etc/rsyslog.conf:

$ModLoad imtcp
$InputTCPServerRun 514

Then, under the line starting with local7.*, add the following:

$template DynFile,"/var/log/hosts/system-%HOSTNAME%.log"
*.* -?DynFile

Restart the rsyslog service.

Verify the host is listening on port 514.

Open the firewall to permanently permit incoming traffic on TCP port 514 and reload it.

Configure Server2 to send logs to Server1.

Verify Server2 can connect to Server1 over TCP port 514.

On Server2, modify the /etc/rsyslog.conf file.

Uncomment the following lines:

$ActionQueueFileName fwdRule1 # unique name prefix for spool files
$ActionQueueMaxDiskSpace 1g   # 1gb space limit (use as much as possible)
$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
$ActionQueueType LinkedList   # run asynchronously
$ActionResumeRetryCount -1    # infinite retries if host is down

Uncomment the following line and edit as follows:

*.* @@

Restart the rsyslog service.

Verify logs are being sent to Server1.

Verify the /var/log/hosts directory was created and is being populated.

Use tail on the /var/log/hosts/system-ip-10-0-1-11.log file to see entries from Server2.

You can use the logger command to add entries to the log:

On Server2, enter the following command 3 times:

logger "THIS IS A TEST"

Verify these entries are showing up in the log file on Server1.

Additional Resources

Youve been asked to configue Server1 to receive logs from Server2. These logs should be placed in /var/log/hosts/HOSTNAME.log.

Note: The tasks under OBJECTIVES have the answers as part of the Tasks. You should try to perform the tasks without looking at the answers where possible.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?