[rsyslog] (no subject)

termo meter Fri, 07 Jun 2013 03:27:42 -0700

Hi All,


im new to rsyslog. 

What i try to do, i setup 2 rsyslog server, rsyslog1 and rsyslog2.

My firewall logs forward to rsyslog1 using syslog udp514, i manage to receive 
the log ar rsyslog1.

At rsyslog1, i do some log correlation. the result is output to file 
"output.txt".

I want to forward the result to the rsyslog2. 

But till now i unable to receive logs at rsyslog2.


Here my rsyslog.conf file.




        Code:
        root@ubuntu:/etc# more rsyslog.conf

$ModLoad imuxsock # provides support for local system logging
$WorkDirectory /home/rsyslog/sec-2.7.2/output.txt
$ModLoad imklog   # provides kernel logging support (previously done by rklogd)
#$ModLoad immark  # provides --MARK-- message capability

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514

##########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
#$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
$FileOwner adm
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser adm
$PrivDropToGroup adm

#
# Where to place spool files
#
$ActionQueueType LinkedList   # use asynchronous processing
$ActionQueueFileName srvrfwd  # set file name, also enables disk mode
$ActionResumeRetryCount -1    # infinite retries on insert failure
$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down
*.*       @@192.168.0.124:514
#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

Thanks.

_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.

[rsyslog] (no subject)

Reply via email to