I was just hanging around blogs until I cam across one nice piece of setting up centralized Logging setup.I thought to try it out of mine and here is the output:Syslog is a fantastic facility for logging on Linux machines. Lets say you have a small number of servers, and want to log them all to one central syslog server. Here we’ll describe a simple configuration.
syslog-2
1) Setup the syslog serverOn the system you want to use as the syslog server, edit the file /etc/sysconf/syslog, and add ‘-r’ as follows:

  1. Options to syslogd
  2. -m 0 disables ‘MARK’ messages.
  3. -r enables logging from remote machines
  4. -x disables DNS lookups on messages recieved with -r
  5. See syslogd(8) for more details

SYSLOGD_OPTIONS=”-m 0 -r”

  1. Options to klogd
  2. -2 prints all kernel oops messages twice; once for klogd to decode, and
  3. once for processing with ‘ksymoops’
  4. -x disables all klogd processing of oops messages entirely
  5. See klogd(8) for more details

KLOGD_OPTIONS=”-x”

Initially I added -x because I thought it would use networked DNS. But as I am logging all from local servers, all of which are defined in /etc/hosts, it doesn’t actually go to the network for name lookup. And, having the name of the system in the log file is nice.

Now, restart syslog, and confirm that syslog is listening on port 514 (the syslog port):

root@ajeet:/root>/etc/init.d/syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]
root@ajeet:/root>netstat -an|grep 514
udp 0 0 0.0.0.0:514 0.0.0.0:*

2) Now, configure your client:

For simplicity, I added a line in the /etc/hosts file to add the name ‘loghost’ to the other names I am using for my logging server. This is actually beneficial – because I can move my syslog server to another host – and I only have to modify the hosts file…

Next, edit the /etc/syslog.conf file. I added 1 simple line to log all informational messages to the remote loghost:

*.info @loghost

Note: separate all columns with the tab character, not space.

Finally restart syslog on the client with /etc/init.d/syslog restart.

To test, you can use the command line logging facility called logger. On the client I type:

root@tuxbuddy:/etc>logger foobar

And on the server I see:

root@ajeet:/root>tail -f /var/log/messages

Jun 28 21:17:29 tubxuddy bemo: fooba

Hence, the centralized logging server is Ready !!!

Clap

Categories: Docker

Ajeet Raina

My name is Ajeet Singh Raina and I am an author of this blogging site. I am a Docker Captain, ARM Innovator & Docker Bangalore Community Leader. I bagged 2 special awards last year(2019) : Firstly, “The Tip of Captain’s Hat Award” at Dockercon 2019, San Francisco and secondly, “2019 Docker Community Award“. I was overwhelmed to receive the first award in front of around 5000 audience.

3 Comments

Spartherm · 11th October 2016 at 12:20 pm

whoah this weblog is magnificent i really like studying your posts. Keep up the good paintings! You already know, a lot of persons are hunting round for this info, you could help them greatly.

Kominki sopot · 13th October 2016 at 1:19 am

I really like your blog.. very nice colors & theme. Did you make this website yourself or did you hire someone to do it for you? Plz respond as I’m looking to design my own blog and would like to know where u got this from. kudos

fotbollströjor · 1st April 2017 at 4:24 pm

Its like you read my mind! You appear to know so
much about this, like you wrote the book in it or something.
I think that you could do with some pics to
drive the message home a bit, but instead of that, this
is excellent blog. An excellent read. I will definitely be back.

fotbollströjor

Leave a Reply

Your e-mail address will not be published. Required fields are marked *