Graphic tutorial on configuring log server in Linux

Preface

This article mainly introduces the relevant content about Linux configuration log server, sharing it for your reference and learning. Let's take a look at the detailed introduction.

Log server configuration file: /etc/rsyslog.conf

Server side:

The server IP is as follows:

Edit the log server configuration file:

Here, choose either UDP or TCP

Copy the two commented sentences and then uncomment them.

Enter the directory to create a configuration file and configure the client to be monitored

Vim editor opens

The content is as follows:

The content format is as follows:

: attribute, comparison operator, "value" storage location

Attributes include the following
fromhost Which host name sent from
fromhost-ip Which ip sent it from
msg is determined from the content of the log information
hostname The comparison operators for judging the hostname in the log include the following
contains
isequal
startswith starts with

Restart the log service

You can see that a directory record file has been generated in the target directory, and the content is empty

Client side:

The client IP is: 192.168.0.100/24

Edit the configuration file:

Add the following line at the end to specify the log server address and port number

Save and exit, restart the log service

Start verification:

Use the server to try to connect to the client via ssh:

Connection failed due to password entry

Now let’s check the log file:

As above, the ssh connection record has been recorded in the log file

Summarize

The above is the full content of this article. I hope that the content of this article will have certain reference learning value for your study or work. If you have any questions, you can leave a message to communicate. Thank you for your support for 123WORDPRESS.COM.