Hi Rainer, Thank you for reply.
My firewall is disabled. rreddy@rreddy-node2:~$ sudo ufw status Status: inactive rreddy@rreddy-node2:~$ Can you please elaborate " check if rsyslog emits messages on startup ". Being learner I could not catch what do you mean. Thank you, Eshwar On Thu, Apr 26, 2018 at 11:50 AM, Rainer Gerhards <[email protected]> wrote: > check if rsyslog emits messages on startup. I guess it does so. > Otherwise check system config, e.g. firewall, ... > > Rainer > > 2018-04-26 6:00 GMT+02:00 eswar472 via rsyslog <[email protected] > >: > > Hi, > > > > I am trying to test remote logging between two ubuntu machines. In the > > ubuntu machine which i wanted to make it as server, i changed the > > /etc/rsyslog.conf as below. After that i restarted service with "sudo > > service rsyslog restart" then checked netstat. I dont see 514 port is > open. > > As per some suggestions in internet i tried with ports 10514 and 20514, > but > > no luck. > > > > Commands I executed after changing configuration file > > > > rreddy@rreddy-node2:~$ sudo service rsyslog restart > > rsyslog stop/waiting > > rsyslog start/running > > rreddy@rreddy-node2:~$ netstat | grep 514 > > unix 3 [ ] STREAM CONNECTED 30472 > > @/tmp/.ICE-unix/25149 > > unix 3 [ ] STREAM CONNECTED 73514 > > unix 3 [ ] STREAM CONNECTED 23293 > > @/tmp/.ICE-unix/25149 > > > > > > Below is the content of my /etc/rsyslog file > > > > # /etc/rsyslog.conf Configuration file for rsyslog. > > # > > # For more information see > > # /usr/share/doc/rsyslog-doc/ > html/rsyslog_conf.html > > # > > # Default logging rules can be found in /etc/rsyslog.d/50-default.conf > > > > > > ################# > > #### MODULES #### > > ################# > > > > $ModLoad imuxsock # provides support for local system logging > > $ModLoad imklog # provides kernel logging support > > #$ModLoad immark # provides --MARK-- message capability > > > > # provides UDP syslog reception > > $ModLoad imudp > > $UDPServerRun 514 > > > > # provides TCP syslog reception > > $ModLoad imtcp > > $InputTCPServerRun 514 > > > > $AllowedSender TCP, 127.0.0.1, 10.22.42.115 > > $template Incoming-logs,"/var/log/test.log" > > > > ########################### > > #### GLOBAL DIRECTIVES #### > > ########################### > > > > # > > # Use traditional timestamp format. > > # To enable high precision timestamps, comment out the following line. > > # > > $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat > > > > # Filter duplicated messages > > $RepeatedMsgReduction on > > > > # > > # Set the default permissions for all log files. > > # > > $FileOwner syslog > > $FileGroup adm > > $FileCreateMode 0640 > > $DirCreateMode 0755 > > $Umask 0022 > > $PrivDropToUser syslog > > $PrivDropToGroup syslog > > > > # > > # Where to place spool and state files > > # > > $WorkDirectory /var/spool/rsyslog > > > > # > > # Include all config files in /etc/rsyslog.d/ > > # > > $IncludeConfig /etc/rsyslog.d/*.conf > > > > > > Can you help me in finding what is wrong with this configuration. > > > > Thank you, > > Eshwar > > _______________________________________________ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
